1. 13 Sep, 2013 1 commit
    • fourthTier: Change JSStack to grow from high to low addresses · b70e41bc
      msaboff@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=118758
      
      Reviewed by Oliver Hunt.
      
      Changed the JSC stack to grow down.  Effectively the JSC stack frame is flipped from
      what it was.  See JSStack.h for the new offsets.  Changed JSStack begin() and end()
      to be getBaseOfStack() and getLimitOfStack().  Most of the changes are address or offset
      calculation changes.  Decoupled a local register ordinal (loop variable or array index)
      from the offset into the callFrame using localToOperand() and the inverse operandToLocal().
      
      * assembler/MacroAssembler.h:
      (JSC::MacroAssembler::trustedImm32ForShift):
      (JSC::MacroAssembler::lshiftPtr): Added to create scaled addresses with a negative index
      * assembler/MacroAssemblerX86_64.h:
      (JSC::MacroAssemblerX86_64::lshift64): Added to create scaled addresses with a negative index
      * assembler/X86Assembler.h:
      (JSC::X86Assembler::shlq_i8r): Added to create scaled addresses with a negative index
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dumpBytecode):
      * bytecode/CodeBlock.h:
      (JSC::unmodifiedArgumentsRegister):
      (JSC::CodeBlock::isCaptured):
      * bytecode/CodeOrigin.h:
      (JSC::CodeOrigin::stackOffset):
      * bytecode/Operands.h:
      (JSC::localToOperand):
      (JSC::operandIsLocal):
      (JSC::operandToLocal):
      (JSC::operandIsArgument):
      (JSC::operandToArgument):
      (JSC::argumentToOperand):
      * bytecode/VirtualRegister.h: Made InvalidVirtualRegister a positive value that fits in
      31 bits since it can be placed into the 31 bit field "stackOffset" in struct InlineCallFrame.
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::addVar):
      (JSC::BytecodeGenerator::BytecodeGenerator):
      (JSC::BytecodeGenerator::createLazyRegisterIfNecessary):
      (JSC::BytecodeGenerator::newRegister):
      (JSC::BytecodeGenerator::emitNewArray):
      * bytecompiler/BytecodeGenerator.h:
      (JSC::CallArguments::registerOffset):
      * bytecompiler/NodesCodegen.cpp:
      (JSC::CallArguments::CallArguments):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::findArgumentPositionForLocal):
      (JSC::DFG::ByteCodeParser::addCall):
      (JSC::DFG::ByteCodeParser::handleCall):
      (JSC::DFG::ByteCodeParser::handleInlining):
      (JSC::DFG::ByteCodeParser::parseBlock):
      (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::compileFunction):
      * dfg/DFGOSREntry.cpp:
      (JSC::DFG::prepareOSREntry):
      * dfg/DFGOSRExitCompiler32_64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOSRExitCompiler64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOperations.cpp:
      * dfg/DFGScoreBoard.h:
      (JSC::DFG::ScoreBoard::allocate):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compileGetByValOnArguments):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callFrameSlot):
      (JSC::DFG::SpeculativeJIT::argumentSlot):
      (JSC::DFG::SpeculativeJIT::callFrameTagSlot):
      (JSC::DFG::SpeculativeJIT::callFramePayloadSlot):
      (JSC::DFG::SpeculativeJIT::argumentTagSlot):
      (JSC::DFG::SpeculativeJIT::argumentPayloadSlot):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::emitCall):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::emitCall):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGValidate.cpp:
      (JSC::DFG::Validate::reportValidationContext):
      * ftl/FTLLink.cpp:
      (JSC::FTL::link):
      * heap/ConservativeRoots.cpp:
      (JSC::ConservativeRoots::genericAddSpan):
      * interpreter/CallFrame.cpp:
      (JSC::CallFrame::frameExtentInternal):
      * interpreter/CallFrame.h:
      (JSC::ExecState::init):
      (JSC::ExecState::argumentOffset):
      (JSC::ExecState::argumentOffsetIncludingThis):
      (JSC::ExecState::argIndexForRegister):
      * interpreter/Interpreter.cpp:
      (JSC::loadVarargs):
      (JSC::Interpreter::dumpRegisters):
      * interpreter/JSStack.cpp:
      (JSC::JSStack::JSStack):
      (JSC::JSStack::~JSStack):
      (JSC::JSStack::growSlowCase):
      (JSC::JSStack::gatherConservativeRoots):
      (JSC::JSStack::releaseExcessCapacity):
      (JSC::JSStack::disableErrorStackReserve):
      * interpreter/JSStack.h:
      (JSC::JSStack::getBaseOfStack):
      (JSC::JSStack::getLimitOfStack):
      (JSC::JSStack::size):
      (JSC::JSStack::end):
      (JSC::JSStack::containsAddress):
      (JSC::JSStack::lowAddress):
      (JSC::JSStack::highAddress):
      (JSC::JSStack::reservationEnd):
      (JSC::JSStack::shrink):
      (JSC::JSStack::grow):
      * interpreter/JSStackInlines.h:
      (JSC::JSStack::getTopOfFrame):
      (JSC::JSStack::pushFrame):
      (JSC::JSStack::popFrame):
      (JSC::JSStack::installTrapsAfterFrame):
      * interpreter/StackVisitor.cpp:
      (JSC::inlinedFrameOffset):
      (JSC::StackVisitor::readInlinedFrame):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompile):
      * jit/JITCall.cpp:
      (JSC::JIT::compileLoadVarargs):
      (JSC::JIT::compileOpCall):
      * jit/JITCall32_64.cpp:
      (JSC::JIT::compileLoadVarargs):
      (JSC::JIT::compileOpCall):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_create_activation):
      (JSC::JIT::emit_op_get_argument_by_val):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emit_op_get_argument_by_val):
      * jit/JITStubs.cpp:
      (JSC::throwExceptionFromOpCall):
      (JSC::DEFINE_STUB_FUNCTION):
      * jit/ThunkGenerators.cpp:
      (JSC::arityFixup):
      * llint/LLIntData.cpp:
      (JSC::LLInt::Data::performAssertions):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      (JSC::LLInt::genericCall):
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * runtime/ArgList.cpp:
      (JSC::ArgList::getSlice):
      (JSC::MarkedArgumentBuffer::slowAppend):
      * runtime/ArgList.h:
      (JSC::MarkedArgumentBuffer::MarkedArgumentBuffer):
      (JSC::MarkedArgumentBuffer::slotFor):
      (JSC::MarkedArgumentBuffer::mallocBase):
      (JSC::ArgList::at):
      * runtime/Arguments.cpp:
      (JSC::Arguments::tearOff):
      * runtime/ArrayConstructor.cpp:
      (JSC::constructArrayWithSizeQuirk):
      * runtime/CommonSlowPaths.cpp:
      (JSC::SLOW_PATH_DECL):
      * runtime/JSActivation.h:
      (JSC::JSActivation::registersOffset):
      (JSC::JSActivation::tearOff):
      (JSC::JSActivation::isValidIndex):
      * runtime/JSArray.h:
      (JSC::constructArrayNegativeIndexed): New method to create an array from registers that grow down.
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::globalExec):
      * runtime/JSGlobalObject.h:
      (JSC::constructArrayNegativeIndexed):
      * runtime/JSString.h:
      * runtime/Operations.h:
      (JSC::jsStringFromRegisterArray):
      * runtime/SymbolTable.h:
      (JSC::SharedSymbolTable::captureCount):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155711 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  2. 21 Aug, 2013 2 commits
    • https://bugs.webkit.org/show_bug.cgi?id=120139 · 61ff98cd
      barraclough@apple.com authored
      PropertyDescriptor argument to define methods should be const
      
      Rubber stamped by Sam Weinig.
      
      This should never be modified, and this way we can use rvalues.
      
      Source/JavaScriptCore: 
      
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::defineOwnProperty):
      * debugger/DebuggerActivation.h:
      * runtime/Arguments.cpp:
      (JSC::Arguments::defineOwnProperty):
      * runtime/Arguments.h:
      * runtime/ClassInfo.h:
      * runtime/JSArray.cpp:
      (JSC::JSArray::defineOwnProperty):
      * runtime/JSArray.h:
      * runtime/JSArrayBuffer.cpp:
      (JSC::JSArrayBuffer::defineOwnProperty):
      * runtime/JSArrayBuffer.h:
      * runtime/JSArrayBufferView.cpp:
      (JSC::JSArrayBufferView::defineOwnProperty):
      * runtime/JSArrayBufferView.h:
      * runtime/JSCell.cpp:
      (JSC::JSCell::defineOwnProperty):
      * runtime/JSCell.h:
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::defineOwnProperty):
      * runtime/JSFunction.h:
      * runtime/JSGenericTypedArrayView.h:
      * runtime/JSGenericTypedArrayViewInlines.h:
      (JSC::::defineOwnProperty):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::defineOwnProperty):
      * runtime/JSGlobalObject.h:
      * runtime/JSObject.cpp:
      (JSC::JSObject::putIndexedDescriptor):
      (JSC::JSObject::defineOwnIndexedProperty):
      (JSC::putDescriptor):
      (JSC::JSObject::defineOwnNonIndexProperty):
      (JSC::JSObject::defineOwnProperty):
      * runtime/JSObject.h:
      * runtime/JSProxy.cpp:
      (JSC::JSProxy::defineOwnProperty):
      * runtime/JSProxy.h:
      * runtime/RegExpMatchesArray.h:
      (JSC::RegExpMatchesArray::defineOwnProperty):
      * runtime/RegExpObject.cpp:
      (JSC::RegExpObject::defineOwnProperty):
      * runtime/RegExpObject.h:
      * runtime/StringObject.cpp:
      (JSC::StringObject::defineOwnProperty):
      * runtime/StringObject.h:
          - make PropertyDescriptor const
      
      Source/WebCore: 
      
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::defineOwnProperty):
      * bindings/js/JSLocationCustom.cpp:
      (WebCore::JSLocation::defineOwnProperty):
      (WebCore::JSLocationPrototype::defineOwnProperty):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
          - make PropertyDescriptor const
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154422 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • DFG should inline new typedArray() · 372fa82b
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=120022
      
      Source/JavaScriptCore: 
      
      Reviewed by Oliver Hunt.
              
      Adds inlining of typed array allocations in the DFG. Any operation of the
      form:
              
          new foo(blah)
              
      or:
              
          foo(blah)
              
      where 'foo' is a typed array constructor and 'blah' is exactly one argument,
      is turned into the NewTypedArray intrinsic. Later, if child1 (i.e. 'blah')
      is predicted integer, we generate inline code for an allocation. Otherwise
      it turns into a call to an operation that behaves like the constructor would
      if it was passed one argument (i.e. it may wrap a buffer or it may create a
      copy or another array, or it may allocate an array of that length).
      
      * bytecode/SpeculatedType.cpp:
      (JSC::speculationFromTypedArrayType):
      (JSC::speculationFromClassInfo):
      * bytecode/SpeculatedType.h:
      * dfg/DFGAbstractInterpreterInlines.h:
      (JSC::DFG::::executeEffects):
      * dfg/DFGBackwardsPropagationPhase.cpp:
      (JSC::DFG::BackwardsPropagationPhase::propagate):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::handleTypedArrayConstructor):
      (JSC::DFG::ByteCodeParser::handleConstantInternalFunction):
      * dfg/DFGCCallHelpers.h:
      (JSC::DFG::CCallHelpers::setupArgumentsWithExecState):
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::putStructureStoreElimination):
      * dfg/DFGClobberize.h:
      (JSC::DFG::clobberize):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupNode):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dump):
      * dfg/DFGNode.h:
      (JSC::DFG::Node::hasTypedArrayType):
      (JSC::DFG::Node::typedArrayType):
      * dfg/DFGNodeType.h:
      * dfg/DFGOperations.cpp:
      (JSC::DFG::newTypedArrayWithSize):
      (JSC::DFG::newTypedArrayWithOneArgument):
      * dfg/DFGOperations.h:
      (JSC::DFG::operationNewTypedArrayWithSizeForType):
      (JSC::DFG::operationNewTypedArrayWithOneArgumentForType):
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::propagate):
      * dfg/DFGSafeToExecute.h:
      (JSC::DFG::safeToExecute):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compileNewTypedArray):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_new_object):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emit_op_new_object):
      * runtime/JSArray.h:
      (JSC::JSArray::allocationSize):
      * runtime/JSArrayBufferView.h:
      (JSC::JSArrayBufferView::allocationSize):
      * runtime/JSGenericTypedArrayViewConstructorInlines.h:
      (JSC::constructGenericTypedArrayView):
      * runtime/JSObject.h:
      (JSC::JSFinalObject::allocationSize):
      * runtime/TypedArrayType.cpp:
      (JSC::constructorClassInfoForType):
      * runtime/TypedArrayType.h:
      (JSC::indexToTypedArrayType):
      
      LayoutTests: 
      
      Reviewed by Oliver Hunt.
      
      * fast/js/regress/Float64Array-alloc-long-lived-expected.txt: Added.
      * fast/js/regress/Float64Array-alloc-long-lived.html: Added.
      * fast/js/regress/Int16Array-alloc-long-lived-expected.txt: Added.
      * fast/js/regress/Int16Array-alloc-long-lived.html: Added.
      * fast/js/regress/Int8Array-alloc-long-lived-expected.txt: Added.
      * fast/js/regress/Int8Array-alloc-long-lived.html: Added.
      * fast/js/regress/script-tests/Float64Array-alloc-long-lived.js: Added.
      * fast/js/regress/script-tests/Int16Array-alloc-long-lived.js: Added.
      * fast/js/regress/script-tests/Int32Array-alloc-long-lived.js:
      * fast/js/regress/script-tests/Int8Array-alloc-long-lived.js: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154403 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  3. 20 Aug, 2013 1 commit
    • https://bugs.webkit.org/show_bug.cgi?id=120093 · 174570f9
      barraclough@apple.com authored
      Remove getOwnPropertyDescriptor trap
      
      Reviewed by Geoff Garen.
      
      All implementations of this method are now called via the method table, and equivalent in behaviour.
      Remove all duplicate implementations (and the method table trap), and add a single member function implementation on JSObject.
      
      Source/JavaScriptCore: 
      
      * API/JSCallbackObject.h:
      * API/JSCallbackObjectFunctions.h:
      * debugger/DebuggerActivation.cpp:
      * debugger/DebuggerActivation.h:
      * runtime/Arguments.cpp:
      * runtime/Arguments.h:
      * runtime/ArrayConstructor.cpp:
      * runtime/ArrayConstructor.h:
      * runtime/ArrayPrototype.cpp:
      * runtime/ArrayPrototype.h:
      * runtime/BooleanPrototype.cpp:
      * runtime/BooleanPrototype.h:
          - remove getOwnPropertyDescriptor
      * runtime/ClassInfo.h:
          - remove getOwnPropertyDescriptor from MethodTable
      * runtime/DateConstructor.cpp:
      * runtime/DateConstructor.h:
      * runtime/DatePrototype.cpp:
      * runtime/DatePrototype.h:
      * runtime/ErrorPrototype.cpp:
      * runtime/ErrorPrototype.h:
      * runtime/JSActivation.cpp:
      * runtime/JSActivation.h:
      * runtime/JSArray.cpp:
      * runtime/JSArray.h:
      * runtime/JSArrayBuffer.cpp:
      * runtime/JSArrayBuffer.h:
      * runtime/JSArrayBufferView.cpp:
      * runtime/JSArrayBufferView.h:
      * runtime/JSCell.cpp:
      * runtime/JSCell.h:
      * runtime/JSDataView.cpp:
      * runtime/JSDataView.h:
      * runtime/JSDataViewPrototype.cpp:
      * runtime/JSDataViewPrototype.h:
      * runtime/JSFunction.cpp:
      * runtime/JSFunction.h:
      * runtime/JSGenericTypedArrayView.h:
      * runtime/JSGenericTypedArrayViewInlines.h:
      * runtime/JSGlobalObject.cpp:
      * runtime/JSGlobalObject.h:
      * runtime/JSNotAnObject.cpp:
      * runtime/JSNotAnObject.h:
      * runtime/JSONObject.cpp:
      * runtime/JSONObject.h:
          - remove getOwnPropertyDescriptor
      * runtime/JSObject.cpp:
      (JSC::JSObject::propertyIsEnumerable):
          - switch to call new getOwnPropertyDescriptor member function
      (JSC::JSObject::getOwnPropertyDescriptor):
          - new, based on implementation from GET_OWN_PROPERTY_DESCRIPTOR_IMPL
      (JSC::JSObject::defineOwnNonIndexProperty):
          - switch to call new getOwnPropertyDescriptor member function
      * runtime/JSObject.h:
      * runtime/JSProxy.cpp:
      * runtime/JSProxy.h:
      * runtime/NamePrototype.cpp:
      * runtime/NamePrototype.h:
      * runtime/NumberConstructor.cpp:
      * runtime/NumberConstructor.h:
      * runtime/NumberPrototype.cpp:
      * runtime/NumberPrototype.h:
          - remove getOwnPropertyDescriptor
      * runtime/ObjectConstructor.cpp:
      (JSC::objectConstructorGetOwnPropertyDescriptor):
      (JSC::objectConstructorSeal):
      (JSC::objectConstructorFreeze):
      (JSC::objectConstructorIsSealed):
      (JSC::objectConstructorIsFrozen):
          - switch to call new getOwnPropertyDescriptor member function
      * runtime/ObjectConstructor.h:
          - remove getOwnPropertyDescriptor
      * runtime/PropertyDescriptor.h:
          - remove GET_OWN_PROPERTY_DESCRIPTOR_IMPL
      * runtime/RegExpConstructor.cpp:
      * runtime/RegExpConstructor.h:
      * runtime/RegExpMatchesArray.cpp:
      * runtime/RegExpMatchesArray.h:
      * runtime/RegExpObject.cpp:
      * runtime/RegExpObject.h:
      * runtime/RegExpPrototype.cpp:
      * runtime/RegExpPrototype.h:
      * runtime/StringConstructor.cpp:
      * runtime/StringConstructor.h:
      * runtime/StringObject.cpp:
      * runtime/StringObject.h:
          - remove getOwnPropertyDescriptor
      
      Source/WebCore: 
      
      * WebCore.exp.in:
      * bindings/js/JSDOMWindowCustom.cpp:
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
      (GenerateImplementation):
      (GenerateConstructorDeclaration):
      (GenerateConstructorHelperMethods):
      * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
      * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
      * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
      * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
      * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
      * bindings/scripts/test/JS/JSTestEventConstructor.h:
      * bindings/scripts/test/JS/JSTestEventTarget.cpp:
      * bindings/scripts/test/JS/JSTestEventTarget.h:
      * bindings/scripts/test/JS/JSTestException.cpp:
      * bindings/scripts/test/JS/JSTestException.h:
      * bindings/scripts/test/JS/JSTestInterface.cpp:
      * bindings/scripts/test/JS/JSTestInterface.h:
      * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
      * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
      * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
      * bindings/scripts/test/JS/JSTestNamedConstructor.h:
      * bindings/scripts/test/JS/JSTestNode.cpp:
      * bindings/scripts/test/JS/JSTestNode.h:
      * bindings/scripts/test/JS/JSTestObj.cpp:
      * bindings/scripts/test/JS/JSTestObj.h:
      * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
      * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
      * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
      * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
      * bindings/scripts/test/JS/JSTestTypedefs.cpp:
      * bindings/scripts/test/JS/JSTestTypedefs.h:
      * bridge/jsc/BridgeJSC.h:
      (JSC::Bindings::Instance::getOwnPropertySlot):
      * bridge/objc/objc_runtime.h:
      * bridge/objc/objc_runtime.mm:
      * bridge/runtime_array.cpp:
      * bridge/runtime_array.h:
      * bridge/runtime_method.cpp:
      * bridge/runtime_method.h:
      * bridge/runtime_object.cpp:
      * bridge/runtime_object.h:
          - remove getOwnPropertyDescriptor
      
      Source/WebKit2: 
      
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      * WebProcess/Plugins/Netscape/JSNPObject.h:
          - remove getOwnPropertyDescriptor
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154373 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  4. 14 Aug, 2013 1 commit
    • Foo::s_info should be Foo::info(), so that you can change how the s_info is actually linked · 10ae2d0d
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=119770
      
      Reviewed by Mark Hahnenberg.
      
      Source/JavaScriptCore: 
      
      * API/JSCallbackConstructor.cpp:
      (JSC::JSCallbackConstructor::finishCreation):
      * API/JSCallbackConstructor.h:
      (JSC::JSCallbackConstructor::createStructure):
      * API/JSCallbackFunction.cpp:
      (JSC::JSCallbackFunction::finishCreation):
      * API/JSCallbackFunction.h:
      (JSC::JSCallbackFunction::createStructure):
      * API/JSCallbackObject.cpp:
      (JSC::::createStructure):
      * API/JSCallbackObject.h:
      (JSC::JSCallbackObject::visitChildren):
      * API/JSCallbackObjectFunctions.h:
      (JSC::::asCallbackObject):
      (JSC::::finishCreation):
      * API/JSObjectRef.cpp:
      (JSObjectGetPrivate):
      (JSObjectSetPrivate):
      (JSObjectGetPrivateProperty):
      (JSObjectSetPrivateProperty):
      (JSObjectDeletePrivateProperty):
      * API/JSValueRef.cpp:
      (JSValueIsObjectOfClass):
      * API/JSWeakObjectMapRefPrivate.cpp:
      * API/ObjCCallbackFunction.h:
      (JSC::ObjCCallbackFunction::createStructure):
      * JSCTypedArrayStubs.h:
      * bytecode/CallLinkStatus.cpp:
      (JSC::CallLinkStatus::CallLinkStatus):
      (JSC::CallLinkStatus::function):
      (JSC::CallLinkStatus::internalFunction):
      * bytecode/CodeBlock.h:
      (JSC::baselineCodeBlockForInlineCallFrame):
      * bytecode/SpeculatedType.cpp:
      (JSC::speculationFromClassInfo):
      * bytecode/UnlinkedCodeBlock.cpp:
      (JSC::UnlinkedFunctionExecutable::visitChildren):
      (JSC::UnlinkedCodeBlock::visitChildren):
      (JSC::UnlinkedProgramCodeBlock::visitChildren):
      * bytecode/UnlinkedCodeBlock.h:
      (JSC::UnlinkedFunctionExecutable::createStructure):
      (JSC::UnlinkedProgramCodeBlock::createStructure):
      (JSC::UnlinkedEvalCodeBlock::createStructure):
      (JSC::UnlinkedFunctionCodeBlock::createStructure):
      * debugger/Debugger.cpp:
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::visitChildren):
      * debugger/DebuggerActivation.h:
      (JSC::DebuggerActivation::createStructure):
      * debugger/DebuggerCallFrame.cpp:
      (JSC::DebuggerCallFrame::functionName):
      * dfg/DFGAbstractInterpreterInlines.h:
      (JSC::DFG::::executeEffects):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::handleConstantInternalFunction):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::isStringPrototypeMethodSane):
      (JSC::DFG::FixupPhase::canOptimizeStringObjectAccess):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dump):
      * dfg/DFGGraph.h:
      (JSC::DFG::Graph::isInternalFunctionConstant):
      * dfg/DFGOperations.cpp:
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::checkArray):
      (JSC::DFG::SpeculativeJIT::compileNewStringObject):
      * dfg/DFGThunks.cpp:
      (JSC::DFG::virtualForThunkGenerator):
      * interpreter/Interpreter.cpp:
      (JSC::loadVarargs):
      * jsc.cpp:
      (GlobalObject::createStructure):
      * profiler/LegacyProfiler.cpp:
      (JSC::LegacyProfiler::createCallIdentifier):
      * runtime/Arguments.cpp:
      (JSC::Arguments::visitChildren):
      * runtime/Arguments.h:
      (JSC::Arguments::createStructure):
      (JSC::asArguments):
      (JSC::Arguments::finishCreation):
      * runtime/ArrayConstructor.cpp:
      (JSC::arrayConstructorIsArray):
      * runtime/ArrayConstructor.h:
      (JSC::ArrayConstructor::createStructure):
      * runtime/ArrayPrototype.cpp:
      (JSC::ArrayPrototype::finishCreation):
      (JSC::arrayProtoFuncConcat):
      (JSC::attemptFastSort):
      * runtime/ArrayPrototype.h:
      (JSC::ArrayPrototype::createStructure):
      * runtime/BooleanConstructor.h:
      (JSC::BooleanConstructor::createStructure):
      * runtime/BooleanObject.cpp:
      (JSC::BooleanObject::finishCreation):
      * runtime/BooleanObject.h:
      (JSC::BooleanObject::createStructure):
      (JSC::asBooleanObject):
      * runtime/BooleanPrototype.cpp:
      (JSC::BooleanPrototype::finishCreation):
      (JSC::booleanProtoFuncToString):
      (JSC::booleanProtoFuncValueOf):
      * runtime/BooleanPrototype.h:
      (JSC::BooleanPrototype::createStructure):
      * runtime/DateConstructor.cpp:
      (JSC::constructDate):
      * runtime/DateConstructor.h:
      (JSC::DateConstructor::createStructure):
      * runtime/DateInstance.cpp:
      (JSC::DateInstance::finishCreation):
      * runtime/DateInstance.h:
      (JSC::DateInstance::createStructure):
      (JSC::asDateInstance):
      * runtime/DatePrototype.cpp:
      (JSC::formateDateInstance):
      (JSC::DatePrototype::finishCreation):
      (JSC::dateProtoFuncToISOString):
      (JSC::dateProtoFuncToLocaleString):
      (JSC::dateProtoFuncToLocaleDateString):
      (JSC::dateProtoFuncToLocaleTimeString):
      (JSC::dateProtoFuncGetTime):
      (JSC::dateProtoFuncGetFullYear):
      (JSC::dateProtoFuncGetUTCFullYear):
      (JSC::dateProtoFuncGetMonth):
      (JSC::dateProtoFuncGetUTCMonth):
      (JSC::dateProtoFuncGetDate):
      (JSC::dateProtoFuncGetUTCDate):
      (JSC::dateProtoFuncGetDay):
      (JSC::dateProtoFuncGetUTCDay):
      (JSC::dateProtoFuncGetHours):
      (JSC::dateProtoFuncGetUTCHours):
      (JSC::dateProtoFuncGetMinutes):
      (JSC::dateProtoFuncGetUTCMinutes):
      (JSC::dateProtoFuncGetSeconds):
      (JSC::dateProtoFuncGetUTCSeconds):
      (JSC::dateProtoFuncGetMilliSeconds):
      (JSC::dateProtoFuncGetUTCMilliseconds):
      (JSC::dateProtoFuncGetTimezoneOffset):
      (JSC::dateProtoFuncSetTime):
      (JSC::setNewValueFromTimeArgs):
      (JSC::setNewValueFromDateArgs):
      (JSC::dateProtoFuncSetYear):
      (JSC::dateProtoFuncGetYear):
      * runtime/DatePrototype.h:
      (JSC::DatePrototype::createStructure):
      * runtime/Error.h:
      (JSC::StrictModeTypeErrorFunction::createStructure):
      * runtime/ErrorConstructor.h:
      (JSC::ErrorConstructor::createStructure):
      * runtime/ErrorInstance.cpp:
      (JSC::ErrorInstance::finishCreation):
      * runtime/ErrorInstance.h:
      (JSC::ErrorInstance::createStructure):
      * runtime/ErrorPrototype.cpp:
      (JSC::ErrorPrototype::finishCreation):
      * runtime/ErrorPrototype.h:
      (JSC::ErrorPrototype::createStructure):
      * runtime/ExceptionHelpers.cpp:
      (JSC::isTerminatedExecutionException):
      * runtime/ExceptionHelpers.h:
      (JSC::TerminatedExecutionError::createStructure):
      * runtime/Executable.cpp:
      (JSC::EvalExecutable::visitChildren):
      (JSC::ProgramExecutable::visitChildren):
      (JSC::FunctionExecutable::visitChildren):
      (JSC::ExecutableBase::hashFor):
      * runtime/Executable.h:
      (JSC::ExecutableBase::createStructure):
      (JSC::NativeExecutable::createStructure):
      (JSC::EvalExecutable::createStructure):
      (JSC::ProgramExecutable::createStructure):
      (JSC::FunctionExecutable::compileFor):
      (JSC::FunctionExecutable::compileOptimizedFor):
      (JSC::FunctionExecutable::createStructure):
      * runtime/FunctionConstructor.h:
      (JSC::FunctionConstructor::createStructure):
      * runtime/FunctionPrototype.cpp:
      (JSC::functionProtoFuncToString):
      (JSC::functionProtoFuncApply):
      (JSC::functionProtoFuncBind):
      * runtime/FunctionPrototype.h:
      (JSC::FunctionPrototype::createStructure):
      * runtime/GetterSetter.cpp:
      (JSC::GetterSetter::visitChildren):
      * runtime/GetterSetter.h:
      (JSC::GetterSetter::createStructure):
      * runtime/InternalFunction.cpp:
      (JSC::InternalFunction::finishCreation):
      * runtime/InternalFunction.h:
      (JSC::InternalFunction::createStructure):
      (JSC::asInternalFunction):
      * runtime/JSAPIValueWrapper.h:
      (JSC::JSAPIValueWrapper::createStructure):
      * runtime/JSActivation.cpp:
      (JSC::JSActivation::visitChildren):
      (JSC::JSActivation::argumentsGetter):
      * runtime/JSActivation.h:
      (JSC::JSActivation::createStructure):
      (JSC::asActivation):
      * runtime/JSArray.h:
      (JSC::JSArray::createStructure):
      (JSC::asArray):
      (JSC::isJSArray):
      * runtime/JSBoundFunction.cpp:
      (JSC::JSBoundFunction::finishCreation):
      (JSC::JSBoundFunction::visitChildren):
      * runtime/JSBoundFunction.h:
      (JSC::JSBoundFunction::createStructure):
      * runtime/JSCJSValue.cpp:
      (JSC::JSValue::dumpInContext):
      * runtime/JSCJSValueInlines.h:
      (JSC::JSValue::isFunction):
      * runtime/JSCell.h:
      (JSC::jsCast):
      (JSC::jsDynamicCast):
      * runtime/JSCellInlines.h:
      (JSC::allocateCell):
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::finishCreation):
      (JSC::JSFunction::visitChildren):
      (JSC::skipOverBoundFunctions):
      (JSC::JSFunction::callerGetter):
      * runtime/JSFunction.h:
      (JSC::JSFunction::createStructure):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::visitChildren):
      (JSC::slowValidateCell):
      * runtime/JSGlobalObject.h:
      (JSC::JSGlobalObject::createStructure):
      * runtime/JSNameScope.cpp:
      (JSC::JSNameScope::visitChildren):
      * runtime/JSNameScope.h:
      (JSC::JSNameScope::createStructure):
      * runtime/JSNotAnObject.h:
      (JSC::JSNotAnObject::createStructure):
      * runtime/JSONObject.cpp:
      (JSC::JSONObject::finishCreation):
      (JSC::unwrapBoxedPrimitive):
      (JSC::Stringifier::Stringifier):
      (JSC::Stringifier::appendStringifiedValue):
      (JSC::Stringifier::Holder::Holder):
      (JSC::Walker::walk):
      (JSC::JSONProtoFuncStringify):
      * runtime/JSONObject.h:
      (JSC::JSONObject::createStructure):
      * runtime/JSObject.cpp:
      (JSC::getCallableObjectSlow):
      (JSC::JSObject::visitChildren):
      (JSC::JSObject::copyBackingStore):
      (JSC::JSFinalObject::visitChildren):
      (JSC::JSObject::ensureInt32Slow):
      (JSC::JSObject::ensureDoubleSlow):
      (JSC::JSObject::ensureContiguousSlow):
      (JSC::JSObject::ensureArrayStorageSlow):
      * runtime/JSObject.h:
      (JSC::JSObject::finishCreation):
      (JSC::JSObject::createStructure):
      (JSC::JSNonFinalObject::createStructure):
      (JSC::JSFinalObject::createStructure):
      (JSC::isJSFinalObject):
      * runtime/JSPropertyNameIterator.cpp:
      (JSC::JSPropertyNameIterator::visitChildren):
      * runtime/JSPropertyNameIterator.h:
      (JSC::JSPropertyNameIterator::createStructure):
      * runtime/JSProxy.cpp:
      (JSC::JSProxy::visitChildren):
      * runtime/JSProxy.h:
      (JSC::JSProxy::createStructure):
      * runtime/JSScope.cpp:
      (JSC::JSScope::visitChildren):
      * runtime/JSSegmentedVariableObject.cpp:
      (JSC::JSSegmentedVariableObject::visitChildren):
      * runtime/JSString.h:
      (JSC::JSString::createStructure):
      (JSC::isJSString):
      * runtime/JSSymbolTableObject.cpp:
      (JSC::JSSymbolTableObject::visitChildren):
      * runtime/JSVariableObject.h:
      * runtime/JSWithScope.cpp:
      (JSC::JSWithScope::visitChildren):
      * runtime/JSWithScope.h:
      (JSC::JSWithScope::createStructure):
      * runtime/JSWrapperObject.cpp:
      (JSC::JSWrapperObject::visitChildren):
      * runtime/JSWrapperObject.h:
      (JSC::JSWrapperObject::createStructure):
      * runtime/MathObject.cpp:
      (JSC::MathObject::finishCreation):
      * runtime/MathObject.h:
      (JSC::MathObject::createStructure):
      * runtime/NameConstructor.h:
      (JSC::NameConstructor::createStructure):
      * runtime/NameInstance.h:
      (JSC::NameInstance::createStructure):
      (JSC::NameInstance::finishCreation):
      * runtime/NamePrototype.cpp:
      (JSC::NamePrototype::finishCreation):
      (JSC::privateNameProtoFuncToString):
      * runtime/NamePrototype.h:
      (JSC::NamePrototype::createStructure):
      * runtime/NativeErrorConstructor.cpp:
      (JSC::NativeErrorConstructor::visitChildren):
      * runtime/NativeErrorConstructor.h:
      (JSC::NativeErrorConstructor::createStructure):
      (JSC::NativeErrorConstructor::finishCreation):
      * runtime/NumberConstructor.cpp:
      (JSC::NumberConstructor::finishCreation):
      * runtime/NumberConstructor.h:
      (JSC::NumberConstructor::createStructure):
      * runtime/NumberObject.cpp:
      (JSC::NumberObject::finishCreation):
      * runtime/NumberObject.h:
      (JSC::NumberObject::createStructure):
      * runtime/NumberPrototype.cpp:
      (JSC::NumberPrototype::finishCreation):
      * runtime/NumberPrototype.h:
      (JSC::NumberPrototype::createStructure):
      * runtime/ObjectConstructor.h:
      (JSC::ObjectConstructor::createStructure):
      * runtime/ObjectPrototype.cpp:
      (JSC::ObjectPrototype::finishCreation):
      * runtime/ObjectPrototype.h:
      (JSC::ObjectPrototype::createStructure):
      * runtime/PropertyMapHashTable.h:
      (JSC::PropertyTable::createStructure):
      * runtime/PropertyTable.cpp:
      (JSC::PropertyTable::visitChildren):
      * runtime/RegExp.h:
      (JSC::RegExp::createStructure):
      * runtime/RegExpConstructor.cpp:
      (JSC::RegExpConstructor::finishCreation):
      (JSC::RegExpConstructor::visitChildren):
      (JSC::constructRegExp):
      * runtime/RegExpConstructor.h:
      (JSC::RegExpConstructor::createStructure):
      (JSC::asRegExpConstructor):
      * runtime/RegExpMatchesArray.cpp:
      (JSC::RegExpMatchesArray::visitChildren):
      * runtime/RegExpMatchesArray.h:
      (JSC::RegExpMatchesArray::createStructure):
      * runtime/RegExpObject.cpp:
      (JSC::RegExpObject::finishCreation):
      (JSC::RegExpObject::visitChildren):
      * runtime/RegExpObject.h:
      (JSC::RegExpObject::createStructure):
      (JSC::asRegExpObject):
      * runtime/RegExpPrototype.cpp:
      (JSC::regExpProtoFuncTest):
      (JSC::regExpProtoFuncExec):
      (JSC::regExpProtoFuncCompile):
      (JSC::regExpProtoFuncToString):
      * runtime/RegExpPrototype.h:
      (JSC::RegExpPrototype::createStructure):
      * runtime/SparseArrayValueMap.cpp:
      (JSC::SparseArrayValueMap::createStructure):
      * runtime/SparseArrayValueMap.h:
      * runtime/StrictEvalActivation.h:
      (JSC::StrictEvalActivation::createStructure):
      * runtime/StringConstructor.h:
      (JSC::StringConstructor::createStructure):
      * runtime/StringObject.cpp:
      (JSC::StringObject::finishCreation):
      * runtime/StringObject.h:
      (JSC::StringObject::createStructure):
      (JSC::asStringObject):
      * runtime/StringPrototype.cpp:
      (JSC::StringPrototype::finishCreation):
      (JSC::stringProtoFuncReplace):
      (JSC::stringProtoFuncToString):
      (JSC::stringProtoFuncMatch):
      (JSC::stringProtoFuncSearch):
      (JSC::stringProtoFuncSplit):
      * runtime/StringPrototype.h:
      (JSC::StringPrototype::createStructure):
      * runtime/Structure.cpp:
      (JSC::Structure::Structure):
      (JSC::Structure::materializePropertyMap):
      (JSC::Structure::get):
      (JSC::Structure::visitChildren):
      * runtime/Structure.h:
      (JSC::Structure::typeInfo):
      (JSC::Structure::previousID):
      (JSC::Structure::outOfLineSize):
      (JSC::Structure::totalStorageCapacity):
      (JSC::Structure::materializePropertyMapIfNecessary):
      (JSC::Structure::materializePropertyMapIfNecessaryForPinning):
      * runtime/StructureChain.cpp:
      (JSC::StructureChain::visitChildren):
      * runtime/StructureChain.h:
      (JSC::StructureChain::createStructure):
      * runtime/StructureInlines.h:
      (JSC::Structure::get):
      * runtime/StructureRareData.cpp:
      (JSC::StructureRareData::createStructure):
      (JSC::StructureRareData::visitChildren):
      * runtime/StructureRareData.h:
      * runtime/SymbolTable.h:
      (JSC::SharedSymbolTable::createStructure):
      * runtime/VM.cpp:
      (JSC::VM::VM):
      (JSC::StackPreservingRecompiler::operator()):
      (JSC::VM::releaseExecutableMemory):
      * runtime/WriteBarrier.h:
      (JSC::validateCell):
      * testRegExp.cpp:
      (GlobalObject::createStructure):
      
      Source/WebCore: 
      
      No new tests because no new behavior.
      
      * bindings/js/IDBBindingUtilities.cpp:
      (WebCore::createIDBKeyFromValue):
      * bindings/js/JSAttrCustom.cpp:
      (WebCore::JSAttr::visitChildren):
      * bindings/js/JSAudioTrackCustom.cpp:
      (WebCore::JSAudioTrack::visitChildren):
      * bindings/js/JSAudioTrackListCustom.cpp:
      (WebCore::JSAudioTrackList::visitChildren):
      * bindings/js/JSBlobCustom.cpp:
      (WebCore::JSBlobConstructor::constructJSBlob):
      * bindings/js/JSCSSRuleCustom.cpp:
      (WebCore::JSCSSRule::visitChildren):
      * bindings/js/JSCSSStyleDeclarationCustom.cpp:
      (WebCore::JSCSSStyleDeclaration::visitChildren):
      (WebCore::JSCSSStyleDeclaration::getOwnPropertyNames):
      * bindings/js/JSCanvasRenderingContext2DCustom.cpp:
      (WebCore::toHTMLCanvasStyle):
      * bindings/js/JSCanvasRenderingContextCustom.cpp:
      (WebCore::JSCanvasRenderingContext::visitChildren):
      * bindings/js/JSDOMBinding.cpp:
      (WebCore::valueToDate):
      * bindings/js/JSDOMBinding.h:
      (WebCore::DOMConstructorObject::createStructure):
      (WebCore::getDOMStructure):
      (WebCore::toRefPtrNativeArray):
      (WebCore::getStaticValueSlotEntryWithoutCaching):
      * bindings/js/JSDOMFormDataCustom.cpp:
      (WebCore::toHTMLFormElement):
      (WebCore::JSDOMFormData::append):
      * bindings/js/JSDOMGlobalObject.cpp:
      (WebCore::JSDOMGlobalObject::finishCreation):
      (WebCore::JSDOMGlobalObject::scriptExecutionContext):
      (WebCore::JSDOMGlobalObject::visitChildren):
      * bindings/js/JSDOMGlobalObject.h:
      (WebCore::JSDOMGlobalObject::info):
      (WebCore::JSDOMGlobalObject::createStructure):
      (WebCore::getDOMConstructor):
      * bindings/js/JSDOMStringListCustom.cpp:
      (WebCore::toDOMStringList):
      * bindings/js/JSDOMWindowBase.cpp:
      (WebCore::JSDOMWindowBase::finishCreation):
      (WebCore::toJSDOMWindow):
      * bindings/js/JSDOMWindowBase.h:
      (WebCore::JSDOMWindowBase::createStructure):
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::visitChildren):
      (WebCore::JSDOMWindow::getOwnPropertySlot):
      (WebCore::JSDOMWindow::getOwnPropertyDescriptor):
      (WebCore::toDOMWindow):
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore::JSDOMWindowShell::finishCreation):
      * bindings/js/JSDOMWindowShell.h:
      (WebCore::JSDOMWindowShell::createStructure):
      * bindings/js/JSEventTargetCustom.cpp:
      (WebCore::toEventTarget):
      * bindings/js/JSHistoryCustom.cpp:
      (WebCore::JSHistory::getOwnPropertySlotDelegate):
      (WebCore::JSHistory::getOwnPropertyDescriptorDelegate):
      * bindings/js/JSImageConstructor.cpp:
      (WebCore::JSImageConstructor::finishCreation):
      * bindings/js/JSImageConstructor.h:
      (WebCore::JSImageConstructor::createStructure):
      * bindings/js/JSInjectedScriptHostCustom.cpp:
      (WebCore::JSInjectedScriptHost::isHTMLAllCollection):
      (WebCore::JSInjectedScriptHost::type):
      (WebCore::JSInjectedScriptHost::functionDetails):
      * bindings/js/JSInspectorFrontendHostCustom.cpp:
      (WebCore::populateContextMenuItems):
      * bindings/js/JSLocationCustom.cpp:
      (WebCore::JSLocation::getOwnPropertySlotDelegate):
      (WebCore::JSLocation::getOwnPropertyDescriptorDelegate):
      (WebCore::JSLocation::putDelegate):
      * bindings/js/JSMessageChannelCustom.cpp:
      (WebCore::JSMessageChannel::visitChildren):
      * bindings/js/JSMessagePortCustom.cpp:
      (WebCore::JSMessagePort::visitChildren):
      * bindings/js/JSNodeCustom.cpp:
      (WebCore::JSNode::pushEventHandlerScope):
      (WebCore::JSNode::visitChildren):
      * bindings/js/JSNodeFilterCustom.cpp:
      (WebCore::JSNodeFilter::visitChildren):
      (WebCore::toNodeFilter):
      * bindings/js/JSNodeIteratorCustom.cpp:
      (WebCore::JSNodeIterator::visitChildren):
      * bindings/js/JSPluginElementFunctions.h:
      (WebCore::pluginElementCustomGetOwnPropertySlot):
      (WebCore::pluginElementCustomGetOwnPropertyDescriptor):
      * bindings/js/JSSVGElementInstanceCustom.cpp:
      (WebCore::JSSVGElementInstance::visitChildren):
      * bindings/js/JSSharedWorkerCustom.cpp:
      (WebCore::JSSharedWorker::visitChildren):
      * bindings/js/JSStyleSheetCustom.cpp:
      (WebCore::JSStyleSheet::visitChildren):
      * bindings/js/JSTextTrackCueCustom.cpp:
      (WebCore::JSTextTrackCue::visitChildren):
      * bindings/js/JSTextTrackCustom.cpp:
      (WebCore::JSTextTrack::visitChildren):
      * bindings/js/JSTextTrackListCustom.cpp:
      (WebCore::JSTextTrackList::visitChildren):
      * bindings/js/JSTrackCustom.cpp:
      (WebCore::toTrack):
      * bindings/js/JSTreeWalkerCustom.cpp:
      (WebCore::JSTreeWalker::visitChildren):
      * bindings/js/JSVideoTrackCustom.cpp:
      (WebCore::JSVideoTrack::visitChildren):
      * bindings/js/JSVideoTrackListCustom.cpp:
      (WebCore::JSVideoTrackList::visitChildren):
      * bindings/js/JSWebGLRenderingContextCustom.cpp:
      (WebCore::JSWebGLRenderingContext::visitChildren):
      (WebCore::JSWebGLRenderingContext::getAttachedShaders):
      (WebCore::JSWebGLRenderingContext::getProgramParameter):
      (WebCore::JSWebGLRenderingContext::getShaderParameter):
      (WebCore::JSWebGLRenderingContext::getUniform):
      (WebCore::dataFunctionf):
      (WebCore::dataFunctioni):
      (WebCore::dataFunctionMatrix):
      * bindings/js/JSWorkerGlobalScopeBase.cpp:
      (WebCore::JSWorkerGlobalScopeBase::finishCreation):
      (WebCore::toJSDedicatedWorkerGlobalScope):
      (WebCore::toJSSharedWorkerGlobalScope):
      * bindings/js/JSWorkerGlobalScopeBase.h:
      (WebCore::JSWorkerGlobalScopeBase::createStructure):
      * bindings/js/JSWorkerGlobalScopeCustom.cpp:
      (WebCore::JSWorkerGlobalScope::visitChildren):
      * bindings/js/JSXMLHttpRequestCustom.cpp:
      (WebCore::JSXMLHttpRequest::visitChildren):
      (WebCore::JSXMLHttpRequest::send):
      * bindings/js/JSXPathResultCustom.cpp:
      (WebCore::JSXPathResult::visitChildren):
      * bindings/js/ScriptDebugServer.cpp:
      (WebCore::ScriptDebugServer::dispatchDidPause):
      * bindings/js/ScriptState.cpp:
      (WebCore::domWindowFromScriptState):
      (WebCore::scriptExecutionContextFromScriptState):
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneSerializer::isArray):
      (WebCore::CloneSerializer::dumpArrayBufferView):
      (WebCore::CloneSerializer::dumpIfTerminal):
      (WebCore::CloneSerializer::serialize):
      (WebCore::CloneDeserializer::CloneDeserializer):
      (WebCore::CloneDeserializer::readArrayBufferView):
      * bindings/objc/DOM.mm:
      (+[DOMNode _nodeFromJSWrapper:]):
      * bindings/objc/DOMUtility.mm:
      (JSC::createDOMWrapper):
      * bindings/objc/WebScriptObject.mm:
      (+[WebScriptObject _convertValueToObjcValue:JSC::originRootObject:rootObject:]):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateGetOwnPropertySlotBody):
      (GenerateGetOwnPropertyDescriptorBody):
      (GenerateHeader):
      (GenerateParametersCheckExpression):
      (GenerateImplementation):
      (GenerateParametersCheck):
      (GenerateConstructorDeclaration):
      (GenerateConstructorHelperMethods):
      * bindings/scripts/test/JS/JSFloat64Array.cpp:
      (WebCore::JSFloat64ArrayConstructor::finishCreation):
      (WebCore::JSFloat64Array::finishCreation):
      (WebCore::JSFloat64Array::getOwnPropertySlot):
      (WebCore::JSFloat64Array::getOwnPropertyDescriptor):
      (WebCore::JSFloat64Array::getOwnPropertySlotByIndex):
      (WebCore::JSFloat64Array::put):
      (WebCore::JSFloat64Array::putByIndex):
      (WebCore::JSFloat64Array::getOwnPropertyNames):
      (WebCore::jsFloat64ArrayPrototypeFunctionFoo):
      (WebCore::jsFloat64ArrayPrototypeFunctionSet):
      (WebCore::JSFloat64Array::getByIndex):
      (WebCore::toFloat64Array):
      * bindings/scripts/test/JS/JSFloat64Array.h:
      (WebCore::JSFloat64Array::createStructure):
      (WebCore::JSFloat64ArrayPrototype::createStructure):
      (WebCore::JSFloat64ArrayConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
      (WebCore::JSTestActiveDOMObjectConstructor::finishCreation):
      (WebCore::JSTestActiveDOMObject::finishCreation):
      (WebCore::JSTestActiveDOMObject::getOwnPropertySlot):
      (WebCore::JSTestActiveDOMObject::getOwnPropertyDescriptor):
      (WebCore::jsTestActiveDOMObjectPrototypeFunctionExcitingFunction):
      (WebCore::jsTestActiveDOMObjectPrototypeFunctionPostMessage):
      (WebCore::toTestActiveDOMObject):
      * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
      (WebCore::JSTestActiveDOMObject::createStructure):
      (WebCore::JSTestActiveDOMObjectPrototype::createStructure):
      (WebCore::JSTestActiveDOMObjectConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
      (WebCore::JSTestCustomNamedGetterConstructor::finishCreation):
      (WebCore::JSTestCustomNamedGetter::finishCreation):
      (WebCore::JSTestCustomNamedGetter::getOwnPropertySlot):
      (WebCore::JSTestCustomNamedGetter::getOwnPropertyDescriptor):
      (WebCore::JSTestCustomNamedGetter::getOwnPropertySlotByIndex):
      (WebCore::jsTestCustomNamedGetterPrototypeFunctionAnotherFunction):
      (WebCore::toTestCustomNamedGetter):
      * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
      (WebCore::JSTestCustomNamedGetter::createStructure):
      (WebCore::JSTestCustomNamedGetterPrototype::createStructure):
      (WebCore::JSTestCustomNamedGetterConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
      (WebCore::JSTestEventConstructorConstructor::finishCreation):
      (WebCore::JSTestEventConstructor::finishCreation):
      (WebCore::JSTestEventConstructor::getOwnPropertySlot):
      (WebCore::JSTestEventConstructor::getOwnPropertyDescriptor):
      (WebCore::toTestEventConstructor):
      * bindings/scripts/test/JS/JSTestEventConstructor.h:
      (WebCore::JSTestEventConstructor::createStructure):
      (WebCore::JSTestEventConstructorPrototype::createStructure):
      (WebCore::JSTestEventConstructorConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestEventTarget.cpp:
      (WebCore::JSTestEventTargetConstructor::finishCreation):
      (WebCore::JSTestEventTarget::finishCreation):
      (WebCore::JSTestEventTarget::getOwnPropertySlot):
      (WebCore::JSTestEventTarget::getOwnPropertyDescriptor):
      (WebCore::JSTestEventTarget::getOwnPropertySlotByIndex):
      (WebCore::JSTestEventTarget::getOwnPropertyNames):
      (WebCore::jsTestEventTargetPrototypeFunctionItem):
      (WebCore::jsTestEventTargetPrototypeFunctionAddEventListener):
      (WebCore::jsTestEventTargetPrototypeFunctionRemoveEventListener):
      (WebCore::jsTestEventTargetPrototypeFunctionDispatchEvent):
      (WebCore::JSTestEventTarget::visitChildren):
      (WebCore::JSTestEventTarget::indexGetter):
      (WebCore::toTestEventTarget):
      * bindings/scripts/test/JS/JSTestEventTarget.h:
      (WebCore::JSTestEventTarget::createStructure):
      (WebCore::JSTestEventTargetPrototype::createStructure):
      (WebCore::JSTestEventTargetConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestException.cpp:
      (WebCore::JSTestExceptionConstructor::finishCreation):
      (WebCore::JSTestException::finishCreation):
      (WebCore::JSTestException::getOwnPropertySlot):
      (WebCore::JSTestException::getOwnPropertyDescriptor):
      (WebCore::toTestException):
      * bindings/scripts/test/JS/JSTestException.h:
      (WebCore::JSTestException::createStructure):
      (WebCore::JSTestExceptionPrototype::createStructure):
      (WebCore::JSTestExceptionConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestInterface.cpp:
      (WebCore::JSTestInterfaceConstructor::finishCreation):
      (WebCore::JSTestInterface::finishCreation):
      (WebCore::JSTestInterface::getOwnPropertySlot):
      (WebCore::JSTestInterface::getOwnPropertyDescriptor):
      (WebCore::JSTestInterface::put):
      (WebCore::JSTestInterface::putByIndex):
      (WebCore::jsTestInterfacePrototypeFunctionImplementsMethod1):
      (WebCore::jsTestInterfacePrototypeFunctionImplementsMethod2):
      (WebCore::jsTestInterfacePrototypeFunctionImplementsMethod3):
      (WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod1):
      (WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod2):
      (WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod3):
      (WebCore::toTestInterface):
      * bindings/scripts/test/JS/JSTestInterface.h:
      (WebCore::JSTestInterface::createStructure):
      (WebCore::JSTestInterfacePrototype::createStructure):
      (WebCore::JSTestInterfaceConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
      (WebCore::JSTestMediaQueryListListenerConstructor::finishCreation):
      (WebCore::JSTestMediaQueryListListener::finishCreation):
      (WebCore::JSTestMediaQueryListListener::getOwnPropertySlot):
      (WebCore::JSTestMediaQueryListListener::getOwnPropertyDescriptor):
      (WebCore::jsTestMediaQueryListListenerPrototypeFunctionMethod):
      (WebCore::toTestMediaQueryListListener):
      * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
      (WebCore::JSTestMediaQueryListListener::createStructure):
      (WebCore::JSTestMediaQueryListListenerPrototype::createStructure):
      (WebCore::JSTestMediaQueryListListenerConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
      (WebCore::JSTestNamedConstructorConstructor::finishCreation):
      (WebCore::JSTestNamedConstructorNamedConstructor::finishCreation):
      (WebCore::JSTestNamedConstructor::finishCreation):
      (WebCore::JSTestNamedConstructor::getOwnPropertySlot):
      (WebCore::JSTestNamedConstructor::getOwnPropertyDescriptor):
      (WebCore::toTestNamedConstructor):
      * bindings/scripts/test/JS/JSTestNamedConstructor.h:
      (WebCore::JSTestNamedConstructor::createStructure):
      (WebCore::JSTestNamedConstructorPrototype::createStructure):
      (WebCore::JSTestNamedConstructorConstructor::createStructure):
      (WebCore::JSTestNamedConstructorNamedConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestNode.cpp:
      (WebCore::JSTestNodeConstructor::finishCreation):
      (WebCore::JSTestNode::finishCreation):
      (WebCore::JSTestNode::getOwnPropertySlot):
      (WebCore::JSTestNode::getOwnPropertyDescriptor):
      (WebCore::JSTestNode::visitChildren):
      * bindings/scripts/test/JS/JSTestNode.h:
      (WebCore::JSTestNode::createStructure):
      (WebCore::JSTestNodePrototype::createStructure):
      (WebCore::JSTestNodeConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestObj.cpp:
      (WebCore::JSTestObjConstructor::finishCreation):
      (WebCore::JSTestObj::finishCreation):
      (WebCore::JSTestObj::getOwnPropertySlot):
      (WebCore::JSTestObj::getOwnPropertyDescriptor):
      (WebCore::JSTestObj::put):
      (WebCore::jsTestObjPrototypeFunctionVoidMethod):
      (WebCore::jsTestObjPrototypeFunctionVoidMethodWithArgs):
      (WebCore::jsTestObjPrototypeFunctionByteMethod):
      (WebCore::jsTestObjPrototypeFunctionByteMethodWithArgs):
      (WebCore::jsTestObjPrototypeFunctionOctetMethod):
      (WebCore::jsTestObjPrototypeFunctionOctetMethodWithArgs):
      (WebCore::jsTestObjPrototypeFunctionLongMethod):
      (WebCore::jsTestObjPrototypeFunctionLongMethodWithArgs):
      (WebCore::jsTestObjPrototypeFunctionObjMethod):
      (WebCore::jsTestObjPrototypeFunctionObjMethodWithArgs):
      (WebCore::jsTestObjPrototypeFunctionMethodWithSequenceArg):
      (WebCore::jsTestObjPrototypeFunctionMethodReturningSequence):
      (WebCore::jsTestObjPrototypeFunctionMethodWithEnumArg):
      (WebCore::jsTestObjPrototypeFunctionMethodThatRequiresAllArgsAndThrows):
      (WebCore::jsTestObjPrototypeFunctionSerializedValue):
      (WebCore::jsTestObjPrototypeFunctionOptionsObject):
      (WebCore::jsTestObjPrototypeFunctionMethodWithException):
      (WebCore::jsTestObjPrototypeFunctionCustomMethod):
      (WebCore::jsTestObjPrototypeFunctionCustomMethodWithArgs):
      (WebCore::jsTestObjPrototypeFunctionAddEventListener):
      (WebCore::jsTestObjPrototypeFunctionRemoveEventListener):
      (WebCore::jsTestObjPrototypeFunctionWithScriptStateVoid):
      (WebCore::jsTestObjPrototypeFunctionWithScriptStateObj):
      (WebCore::jsTestObjPrototypeFunctionWithScriptStateVoidException):
      (WebCore::jsTestObjPrototypeFunctionWithScriptStateObjException):
      (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContext):
      (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptState):
      (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptStateObjException):
      (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptStateWithSpaces):
      (WebCore::jsTestObjPrototypeFunctionWithScriptArgumentsAndCallStack):
      (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalArg):
      (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndOptionalArg):
      (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndTwoOptionalArgs):
      (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalString):
      (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringIsUndefined):
      (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringIsNullString):
      (WebCore::jsTestObjPrototypeFunctionMethodWithCallbackArg):
      (WebCore::jsTestObjPrototypeFunctionMethodWithNonCallbackArgAndCallbackArg):
      (WebCore::jsTestObjPrototypeFunctionMethodWithCallbackAndOptionalArg):
      (WebCore::jsTestObjPrototypeFunctionConditionalMethod1):
      (WebCore::jsTestObjPrototypeFunctionConditionalMethod2):
      (WebCore::jsTestObjPrototypeFunctionConditionalMethod3):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod1):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod2):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod3):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod4):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod5):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod6):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod7):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod8):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod9):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod10):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod11):
      (WebCore::jsTestObjPrototypeFunctionOverloadedMethod):
      (WebCore::jsTestObjPrototypeFunctionClassMethodWithClamp):
      (WebCore::jsTestObjPrototypeFunctionMethodWithUnsignedLongSequence):
      (WebCore::jsTestObjPrototypeFunctionStringArrayFunction):
      (WebCore::jsTestObjPrototypeFunctionDomStringListFunction):
      (WebCore::jsTestObjPrototypeFunctionGetSVGDocument):
      (WebCore::jsTestObjPrototypeFunctionConvert1):
      (WebCore::jsTestObjPrototypeFunctionConvert2):
      (WebCore::jsTestObjPrototypeFunctionConvert4):
      (WebCore::jsTestObjPrototypeFunctionConvert5):
      (WebCore::jsTestObjPrototypeFunctionMutablePointFunction):
      (WebCore::jsTestObjPrototypeFunctionImmutablePointFunction):
      (WebCore::jsTestObjPrototypeFunctionOrange):
      (WebCore::jsTestObjPrototypeFunctionStrictFunction):
      (WebCore::jsTestObjPrototypeFunctionVariadicStringMethod):
      (WebCore::jsTestObjPrototypeFunctionVariadicDoubleMethod):
      (WebCore::jsTestObjPrototypeFunctionVariadicNodeMethod):
      (WebCore::JSTestObj::visitChildren):
      (WebCore::toTestObj):
      * bindings/scripts/test/JS/JSTestObj.h:
      (WebCore::JSTestObj::createStructure):
      (WebCore::JSTestObjPrototype::createStructure):
      (WebCore::JSTestObjConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
      (WebCore::JSTestOverloadedConstructorsConstructor::constructJSTestOverloadedConstructors):
      (WebCore::JSTestOverloadedConstructorsConstructor::finishCreation):
      (WebCore::JSTestOverloadedConstructors::finishCreation):
      (WebCore::JSTestOverloadedConstructors::getOwnPropertySlot):
      (WebCore::JSTestOverloadedConstructors::getOwnPropertyDescriptor):
      (WebCore::toTestOverloadedConstructors):
      * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
      (WebCore::JSTestOverloadedConstructors::createStructure):
      (WebCore::JSTestOverloadedConstructorsPrototype::createStructure):
      (WebCore::JSTestOverloadedConstructorsConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
      (WebCore::JSTestSerializedScriptValueInterfaceConstructor::finishCreation):
      (WebCore::JSTestSerializedScriptValueInterface::finishCreation):
      (WebCore::JSTestSerializedScriptValueInterface::getOwnPropertySlot):
      (WebCore::JSTestSerializedScriptValueInterface::getOwnPropertyDescriptor):
      (WebCore::JSTestSerializedScriptValueInterface::put):
      (WebCore::JSTestSerializedScriptValueInterface::visitChildren):
      (WebCore::toTestSerializedScriptValueInterface):
      * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
      (WebCore::JSTestSerializedScriptValueInterface::createStructure):
      (WebCore::JSTestSerializedScriptValueInterfacePrototype::createStructure):
      (WebCore::JSTestSerializedScriptValueInterfaceConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestTypedefs.cpp:
      (WebCore::JSTestTypedefsConstructor::finishCreation):
      (WebCore::JSTestTypedefs::finishCreation):
      (WebCore::JSTestTypedefs::getOwnPropertySlot):
      (WebCore::JSTestTypedefs::getOwnPropertyDescriptor):
      (WebCore::JSTestTypedefs::put):
      (WebCore::jsTestTypedefsPrototypeFunctionFunc):
      (WebCore::jsTestTypedefsPrototypeFunctionSetShadow):
      (WebCore::jsTestTypedefsPrototypeFunctionMethodWithSequenceArg):
      (WebCore::jsTestTypedefsPrototypeFunctionNullableArrayArg):
      (WebCore::jsTestTypedefsPrototypeFunctionFuncWithClamp):
      (WebCore::jsTestTypedefsPrototypeFunctionImmutablePointFunction):
      (WebCore::jsTestTypedefsPrototypeFunctionStringArrayFunction):
      (WebCore::jsTestTypedefsPrototypeFunctionStringArrayFunction2):
      (WebCore::jsTestTypedefsPrototypeFunctionMethodWithException):
      (WebCore::toTestTypedefs):
      * bindings/scripts/test/JS/JSTestTypedefs.h:
      (WebCore::JSTestTypedefs::createStructure):
      (WebCore::JSTestTypedefsPrototype::createStructure):
      (WebCore::JSTestTypedefsConstructor::createStructure):
      * bridge/c/CRuntimeObject.cpp:
      (JSC::Bindings::CRuntimeObject::finishCreation):
      * bridge/c/CRuntimeObject.h:
      (JSC::Bindings::CRuntimeObject::createStructure):
      * bridge/c/c_instance.cpp:
      (JSC::Bindings::CRuntimeMethod::createStructure):
      (JSC::Bindings::CRuntimeMethod::finishCreation):
      (JSC::Bindings::CInstance::invokeMethod):
      * bridge/c/c_utility.cpp:
      (JSC::Bindings::convertValueToNPVariant):
      * bridge/objc/ObjCRuntimeObject.h:
      (JSC::Bindings::ObjCRuntimeObject::createStructure):
      * bridge/objc/objc_instance.mm:
      (ObjCRuntimeMethod::finishCreation):
      (ObjcInstance::invokeMethod):
      * bridge/objc/objc_runtime.h:
      (JSC::Bindings::ObjcFallbackObjectImp::createStructure):
      * bridge/objc/objc_runtime.mm:
      (JSC::Bindings::ObjcFallbackObjectImp::finishCreation):
      (JSC::Bindings::callObjCFallbackObject):
      * bridge/qt/qt_instance.cpp:
      (JSC::Bindings::QtRuntimeObject::createStructure):
      (JSC::Bindings::QtInstance::getInstance):
      * bridge/qt/qt_pixmapruntime.cpp:
      (JSC::Bindings::assignToHTMLImageElement):
      (JSC::Bindings::QtPixmapRuntime::toQt):
      * bridge/qt/qt_runtime.cpp:
      (JSC::Bindings::isJSUint8Array):
      (JSC::Bindings::isJSArray):
      (JSC::Bindings::isJSDate):
      (JSC::Bindings::isQtObject):
      (JSC::Bindings::unwrapBoxedPrimitive):
      (JSC::Bindings::convertQVariantToValue):
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::finishCreation):
      * bridge/runtime_array.h:
      (JSC::RuntimeArray::createStructure):
      * bridge/runtime_method.cpp:
      (JSC::RuntimeMethod::finishCreation):
      (JSC::callRuntimeMethod):
      * bridge/runtime_method.h:
      (JSC::RuntimeMethod::createStructure):
      * bridge/runtime_object.cpp:
      (JSC::Bindings::RuntimeObject::finishCreation):
      (JSC::Bindings::callRuntimeObject):
      (JSC::Bindings::callRuntimeConstructor):
      * bridge/runtime_object.h:
      (JSC::Bindings::RuntimeObject::createStructure):
      
      Source/WebKit/mac: 
      
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::getObjectID):
      (WebKit::NetscapePluginInstanceProxy::retainLocalObject):
      (WebKit::NetscapePluginInstanceProxy::releaseLocalObject):
      * Plugins/Hosted/ProxyInstance.mm:
      (WebKit::ProxyRuntimeMethod::finishCreation):
      (WebKit::ProxyInstance::invokeMethod):
      * Plugins/Hosted/ProxyRuntimeObject.h:
      (WebKit::ProxyRuntimeObject::createStructure):
      * WebView/WebView.mm:
      (aeDescFromJSValue):
      
      Source/WebKit/qt: 
      
      * Api/qwebelement.cpp:
      (convertJSValueToWebElementVariant):
      * WebCoreSupport/DumpRenderTreeSupportQt.cpp:
      (convertJSValueToNodeVariant):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154038 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      10ae2d0d
  5. 31 Jul, 2013 1 commit
    • barraclough@apple.com's avatar
      Some cleanup in JSValue::get · ab7b6096
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=119343
      
      Reviewed by Geoff Garen.
      
      Source/JavaScriptCore: 
      
      JSValue::get is implemented to:
          1) Check if the value is a cell – if not, synthesize a prototype to search,
          2) call getOwnPropertySlot on the cell,
          3) if this returns false, cast to JSObject to get the prototype, and walk the prototype chain.
      By all rights this should crash when passed a string and accessing a property that does not exist, because
      the string is a cell, getOwnPropertySlot should return false, and the cast to JSObject should be unsafe.
      To work around this, JSString::getOwnPropertySlot actually implements 'get' functionality - searching the
      prototype chain, and faking out a return value of undefined if no property is found.
      
      This is a huge hazard, since fixing JSString::getOwnPropertySlot or calling getOwnPropertySlot on cells
      from elsewhere would introduce bugs. Fortunately it is only ever called in this one place.
      
      The fix here is to move getOwnPropertySlot onto JSObject and end this madness - cells don't have property
      slots anyway.
      
      Interesting changes are in JSCJSValueInlines.h, JSString.cpp - the rest is pretty much all JSCell -> JSObject.
      
      Source/WebCore: 
      
      * WebCore.exp.in:
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::getOwnPropertySlot):
      (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
      (GenerateImplementation):
      (GenerateConstructorDeclaration):
      (GenerateConstructorHelperMethods):
      * bridge/objc/objc_runtime.h:
      * bridge/objc/objc_runtime.mm:
      (JSC::Bindings::ObjcFallbackObjectImp::getOwnPropertySlot):
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::getOwnPropertySlot):
      (JSC::RuntimeArray::getOwnPropertySlotByIndex):
      * bridge/runtime_array.h:
      * bridge/runtime_method.cpp:
      (JSC::RuntimeMethod::getOwnPropertySlot):
      * bridge/runtime_method.h:
      * bridge/runtime_object.cpp:
      (JSC::Bindings::RuntimeObject::getOwnPropertySlot):
      * bridge/runtime_object.h:
          - getOwnPropertySlot, JSCell -> JSObject
      
      Source/WebKit2: 
      
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      (WebKit::JSNPObject::getOwnPropertySlot):
      * WebProcess/Plugins/Netscape/JSNPObject.h:
          - getOwnPropertySlot, JSCell -> JSObject
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153532 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ab7b6096
  6. 25 Jul, 2013 1 commit
    • fourthTier: It should be possible to record heap operations (both FastMalloc and JSC GC) · a03796ac
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=116848
      
      Source/JavaScriptCore:
      
      Reviewed by Mark Hahnenberg.
      
      Record GC heap operations if ENABLE(ALLOCATION_LOGGING).
      
      * API/JSManagedValue.mm:
      * dfg/DFGOperations.cpp:
      * heap/Heap.cpp:
      (JSC::Heap::collect):
      * heap/Heap.h:
      (Heap):
      (JSC::Heap::allocateWithNormalDestructor):
      (JSC::Heap::allocateWithImmortalStructureDestructor):
      (JSC::Heap::allocateWithoutDestructor):
      (JSC::Heap::tryAllocateStorage):
      (JSC::Heap::tryReallocateStorage):
      (JSC):
      (JSC::Heap::ascribeOwner):
      * heap/SlotVisitor.cpp:
      (JSC::SlotVisitor::append):
      (JSC::SlotVisitor::internalAppend):
      * heap/SlotVisitor.h:
      (SlotVisitor):
      * heap/SlotVisitorInlines.h:
      (JSC::SlotVisitor::append):
      (JSC::SlotVisitor::appendUnbarrieredPointer):
      (JSC::SlotVisitor::appendUnbarrieredValue):
      (JSC::SlotVisitor::appendUnbarrieredWeak):
      (JSC::SlotVisitor::internalAppend):
      (JSC):
      (JSC::SlotVisitor::appendValues):
      * jit/JITWriteBarrier.h:
      (JSC::SlotVisitor::append):
      * llint/LLIntCommon.h:
      * runtime/Butterfly.h:
      (Butterfly):
      * runtime/ButterflyInlines.h:
      (JSC::Butterfly::createUninitialized):
      (JSC::Butterfly::create):
      (JSC::Butterfly::growPropertyStorage):
      (JSC::Butterfly::createOrGrowArrayRight):
      (JSC):
      (JSC::Butterfly::growArrayRight):
      (JSC::Butterfly::resizeArray):
      * runtime/JSArray.cpp:
      (JSC::createArrayButterflyInDictionaryIndexingMode):
      (JSC::JSArray::unshiftCountSlowCase):
      * runtime/JSArray.h:
      (JSC::createContiguousArrayButterfly):
      (JSC::createArrayButterfly):
      (JSC):
      (JSC::JSArray::create):
      (JSC::JSArray::tryCreateUninitialized):
      * runtime/JSObject.cpp:
      (JSC::JSObject::enterDictionaryIndexingModeWhenArrayStorageAlreadyExists):
      (JSC::JSObject::createInitialIndexedStorage):
      (JSC::JSObject::createArrayStorage):
      (JSC::JSObject::constructConvertedArrayStorageWithoutCopyingElements):
      (JSC::JSObject::increaseVectorLength):
      (JSC::JSObject::ensureLengthSlow):
      (JSC::JSObject::growOutOfLineStorage):
      * runtime/JSObject.h:
      (JSC::JSObject::JSObject):
      * runtime/Operations.h:
      * runtime/RegExpMatchesArray.cpp:
      (JSC::RegExpMatchesArray::create):
      * runtime/StructureInlines.h:
      (JSC):
      * runtime/WriteBarrier.h:
      (JSC):
      
      Source/WTF:
      
      Reviewed by Mark Hahnenberg.
      
      * WTF.xcodeproj/project.pbxproj:
      * wtf/DataLog.cpp:
      (WTF):
      (WTF::initializeLogFileOnce):
      * wtf/FastMalloc.cpp:
      (WTF::TCMalloc_ThreadCache::CreateCacheIfNecessary):
      * wtf/Platform.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153189 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a03796ac
  7. 18 Apr, 2013 1 commit
    • Renamed JSGlobalData to VM · 9a9a4b52
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=114777
      
      Reviewed by Phil Pizlo.
      
      ../JavaScriptCore: 
      
      * API/APICast.h:
      (JSC):
      (toJS):
      (toRef):
      * API/APIShims.h:
      (JSC::APIEntryShimWithoutLock::APIEntryShimWithoutLock):
      (APIEntryShimWithoutLock):
      (JSC::APIEntryShim::APIEntryShim):
      (APIEntryShim):
      (JSC::APIEntryShim::~APIEntryShim):
      (JSC::APICallbackShim::APICallbackShim):
      (JSC::APICallbackShim::~APICallbackShim):
      (APICallbackShim):
      * API/JSAPIWrapperObject.h:
      (JSAPIWrapperObject):
      * API/JSAPIWrapperObject.mm:
      (JSC::::createStructure):
      (JSC::JSAPIWrapperObject::JSAPIWrapperObject):
      (JSC::JSAPIWrapperObject::finishCreation):
      (JSC::JSAPIWrapperObject::visitChildren):
      * API/JSBase.cpp:
      (JSGarbageCollect):
      (JSReportExtraMemoryCost):
      (JSSynchronousGarbageCollectForDebugging):
      * API/JSCallbackConstructor.cpp:
      (JSC::JSCallbackConstructor::JSCallbackConstructor):
      (JSC::JSCallbackConstructor::finishCreation):
      * API/JSCallbackConstructor.h:
      (JSC::JSCallbackConstructor::createStructure):
      * API/JSCallbackFunction.cpp:
      (JSC::JSCallbackFunction::finishCreation):
      (JSC::JSCallbackFunction::create):
      * API/JSCallbackFunction.h:
      (JSCallbackFunction):
      (JSC::JSCallbackFunction::createStructure):
      * API/JSCallbackObject.cpp:
      (JSC::::create):
      (JSC::::createStructure):
      * API/JSCallbackObject.h:
      (JSC::JSCallbackObjectData::setPrivateProperty):
      (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
      (JSCallbackObject):
      (JSC::JSCallbackObject::setPrivateProperty):
      * API/JSCallbackObjectFunctions.h:
      (JSC::::JSCallbackObject):
      (JSC::::finishCreation):
      (JSC::::put):
      (JSC::::staticFunctionGetter):
      * API/JSClassRef.cpp:
      (OpaqueJSClassContextData::OpaqueJSClassContextData):
      (OpaqueJSClass::contextData):
      (OpaqueJSClass::prototype):
      * API/JSClassRef.h:
      (OpaqueJSClassContextData):
      * API/JSContext.mm:
      (-[JSContext setException:]):
      (-[JSContext initWithGlobalContextRef:]):
      (+[JSContext contextWithGlobalContextRef:]):
      * API/JSContextRef.cpp:
      (JSContextGroupCreate):
      (JSContextGroupRelease):
      (JSGlobalContextCreate):
      (JSGlobalContextCreateInGroup):
      (JSGlobalContextRetain):
      (JSGlobalContextRelease):
      (JSContextGetGroup):
      (JSContextCreateBacktrace):
      * API/JSObjectRef.cpp:
      (JSObjectMake):
      (JSObjectMakeConstructor):
      (JSObjectMakeFunction):
      (JSObjectSetPrototype):
      (JSObjectHasProperty):
      (JSObjectGetProperty):
      (JSObjectSetProperty):
      (JSObjectDeleteProperty):
      (JSObjectGetPrivateProperty):
      (JSObjectSetPrivateProperty):
      (JSObjectDeletePrivateProperty):
      (OpaqueJSPropertyNameArray::OpaqueJSPropertyNameArray):
      (OpaqueJSPropertyNameArray):
      (JSObjectCopyPropertyNames):
      (JSPropertyNameArrayRelease):
      (JSPropertyNameAccumulatorAddName):
      * API/JSScriptRef.cpp:
      (OpaqueJSScript::create):
      (OpaqueJSScript::vm):
      (OpaqueJSScript::OpaqueJSScript):
      (OpaqueJSScript):
      (parseScript):
      * API/JSVirtualMachine.mm:
      (scanExternalObjectGraph):
      * API/JSVirtualMachineInternal.h:
      (JSC):
      * API/JSWrapperMap.mm:
      (makeWrapper):
      * API/ObjCCallbackFunction.h:
      (JSC::ObjCCallbackFunction::createStructure):
      * API/ObjCCallbackFunction.mm:
      (JSC::ObjCCallbackFunction::create):
      * API/OpaqueJSString.cpp:
      (OpaqueJSString::identifier):
      * API/OpaqueJSString.h:
      (JSC):
      (OpaqueJSString):
      * GNUmakefile.list.am:
      * JSCTypedArrayStubs.h:
      (JSC):
      * JavaScriptCore.order:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreExports.def:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
      * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
      * JavaScriptCore.vcxproj/JavaScriptCoreExportGenerator/JavaScriptCoreExports.def.in:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * KeywordLookupGenerator.py:
      (Trie.printSubTreeAsC):
      * Target.pri:
      * assembler/ARMAssembler.cpp:
      (JSC::ARMAssembler::executableCopy):
      * assembler/ARMAssembler.h:
      (ARMAssembler):
      * assembler/AssemblerBuffer.h:
      (JSC::AssemblerBuffer::executableCopy):
      * assembler/AssemblerBufferWithConstantPool.h:
      (JSC::AssemblerBufferWithConstantPool::executableCopy):
      * assembler/LinkBuffer.cpp:
      (JSC::LinkBuffer::linkCode):
      * assembler/LinkBuffer.h:
      (JSC):
      (JSC::LinkBuffer::LinkBuffer):
      (LinkBuffer):
      * assembler/MIPSAssembler.h:
      (JSC::MIPSAssembler::executableCopy):
      * assembler/SH4Assembler.h:
      (JSC::SH4Assembler::executableCopy):
      * assembler/X86Assembler.h:
      (JSC::X86Assembler::executableCopy):
      (JSC::X86Assembler::X86InstructionFormatter::executableCopy):
      * bytecode/CallLinkInfo.cpp:
      (JSC::CallLinkInfo::unlink):
      * bytecode/CallLinkInfo.h:
      (CallLinkInfo):
      * bytecode/CodeBlock.cpp:
      (JSC::dumpStructure):
      (JSC::CodeBlock::printStructures):
      (JSC::CodeBlock::CodeBlock):
      (JSC::CodeBlock::~CodeBlock):
      (JSC::CodeBlock::visitStructures):
      (JSC::CodeBlock::finalizeUnconditionally):
      (JSC::CodeBlock::createActivation):
      (JSC::CodeBlock::unlinkCalls):
      (JSC::CodeBlock::unlinkIncomingCalls):
      (JSC::CodeBlock::findClosureCallForReturnPC):
      (JSC::ProgramCodeBlock::jettisonImpl):
      (JSC::EvalCodeBlock::jettisonImpl):
      (JSC::FunctionCodeBlock::jettisonImpl):
      (JSC::CodeBlock::predictedMachineCodeSize):
      (JSC::CodeBlock::usesOpcode):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::appendWeakReference):
      (JSC::CodeBlock::appendWeakReferenceTransition):
      (JSC::CodeBlock::setJITCode):
      (JSC::CodeBlock::setGlobalData):
      (JSC::CodeBlock::vm):
      (JSC::CodeBlock::valueProfileForBytecodeOffset):
      (JSC::CodeBlock::addConstant):
      (JSC::CodeBlock::setConstantRegisters):
      (CodeBlock):
      (JSC::CodeBlock::WeakReferenceTransition::WeakReferenceTransition):
      * bytecode/EvalCodeCache.h:
      (JSC::EvalCodeCache::getSlow):
      * bytecode/GetByIdStatus.cpp:
      (JSC::GetByIdStatus::computeFromLLInt):
      (JSC::GetByIdStatus::computeForChain):
      (JSC::GetByIdStatus::computeFor):
      * bytecode/GetByIdStatus.h:
      (GetByIdStatus):
      * bytecode/Instruction.h:
      (JSC::Instruction::Instruction):
      * bytecode/ObjectAllocationProfile.h:
      (JSC::ObjectAllocationProfile::initialize):
      (JSC::ObjectAllocationProfile::possibleDefaultPropertyCount):
      * bytecode/PolymorphicAccessStructureList.h:
      (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
      (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):
      * bytecode/PolymorphicPutByIdList.h:
      (JSC::PutByIdAccess::transition):
      (JSC::PutByIdAccess::replace):
      * bytecode/PreciseJumpTargets.cpp:
      (JSC::computePreciseJumpTargets):
      * bytecode/PutByIdStatus.cpp:
      (JSC::PutByIdStatus::computeFromLLInt):
      (JSC::PutByIdStatus::computeFor):
      * bytecode/PutByIdStatus.h:
      (JSC):
      (PutByIdStatus):
      * bytecode/ResolveGlobalStatus.cpp:
      (JSC::computeForStructure):
      * bytecode/SamplingTool.cpp:
      (JSC::SamplingTool::notifyOfScope):
      * bytecode/SamplingTool.h:
      (JSC::ScriptSampleRecord::ScriptSampleRecord):
      (SamplingTool):
      * bytecode/StructureStubInfo.h:
      (JSC::StructureStubInfo::initGetByIdSelf):
      (JSC::StructureStubInfo::initGetByIdProto):
      (JSC::StructureStubInfo::initGetByIdChain):
      (JSC::StructureStubInfo::initPutByIdTransition):
      (JSC::StructureStubInfo::initPutByIdReplace):
      * bytecode/UnlinkedCodeBlock.cpp:
      (JSC::generateFunctionCodeBlock):
      (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
      (JSC::UnlinkedFunctionExecutable::link):
      (JSC::UnlinkedFunctionExecutable::fromGlobalCode):
      (JSC::UnlinkedFunctionExecutable::codeBlockFor):
      (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
      * bytecode/UnlinkedCodeBlock.h:
      (JSC::UnlinkedFunctionExecutable::create):
      (UnlinkedFunctionExecutable):
      (JSC::UnlinkedFunctionExecutable::finishCreation):
      (JSC::UnlinkedFunctionExecutable::createStructure):
      (JSC::UnlinkedCodeBlock::addRegExp):
      (JSC::UnlinkedCodeBlock::addConstant):
      (JSC::UnlinkedCodeBlock::addFunctionDecl):
      (JSC::UnlinkedCodeBlock::addFunctionExpr):
      (JSC::UnlinkedCodeBlock::vm):
      (UnlinkedCodeBlock):
      (JSC::UnlinkedCodeBlock::finishCreation):
      (JSC::UnlinkedGlobalCodeBlock::UnlinkedGlobalCodeBlock):
      (JSC::UnlinkedProgramCodeBlock::create):
      (JSC::UnlinkedProgramCodeBlock::addFunctionDeclaration):
      (JSC::UnlinkedProgramCodeBlock::UnlinkedProgramCodeBlock):
      (JSC::UnlinkedProgramCodeBlock::createStructure):
      (JSC::UnlinkedEvalCodeBlock::create):
      (JSC::UnlinkedEvalCodeBlock::UnlinkedEvalCodeBlock):
      (JSC::UnlinkedEvalCodeBlock::createStructure):
      (JSC::UnlinkedFunctionCodeBlock::create):
      (JSC::UnlinkedFunctionCodeBlock::UnlinkedFunctionCodeBlock):
      (JSC::UnlinkedFunctionCodeBlock::createStructure):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::BytecodeGenerator):
      (JSC::BytecodeGenerator::addConstant):
      (JSC::BytecodeGenerator::emitLoad):
      (JSC::BytecodeGenerator::emitDirectPutById):
      (JSC::BytecodeGenerator::addStringConstant):
      (JSC::BytecodeGenerator::expectedFunctionForIdentifier):
      (JSC::BytecodeGenerator::emitThrowReferenceError):
      (JSC::BytecodeGenerator::emitReadOnlyExceptionIfNeeded):
      * bytecompiler/BytecodeGenerator.h:
      (BytecodeGenerator):
      (JSC::BytecodeGenerator::vm):
      (JSC::BytecodeGenerator::propertyNames):
      (JSC::BytecodeGenerator::makeFunction):
      * bytecompiler/NodesCodegen.cpp:
      (JSC::RegExpNode::emitBytecode):
      (JSC::ArrayNode::toArgumentList):
      (JSC::ApplyFunctionCallDotNode::emitBytecode):
      (JSC::InstanceOfNode::emitBytecode):
      * debugger/Debugger.cpp:
      (JSC::Debugger::recompileAllJSFunctions):
      (JSC::evaluateInGlobalCallFrame):
      * debugger/Debugger.h:
      (JSC):
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::DebuggerActivation):
      (JSC::DebuggerActivation::finishCreation):
      * debugger/DebuggerActivation.h:
      (JSC::DebuggerActivation::create):
      (JSC::DebuggerActivation::createStructure):
      (DebuggerActivation):
      * debugger/DebuggerCallFrame.cpp:
      (JSC::DebuggerCallFrame::evaluate):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::executeEffects):
      * dfg/DFGAssemblyHelpers.h:
      (JSC::DFG::AssemblyHelpers::AssemblyHelpers):
      (JSC::DFG::AssemblyHelpers::vm):
      (JSC::DFG::AssemblyHelpers::debugCall):
      (JSC::DFG::AssemblyHelpers::emitExceptionCheck):
      (AssemblyHelpers):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::ByteCodeParser):
      (ByteCodeParser):
      (JSC::DFG::ByteCodeParser::handleConstantInternalFunction):
      (JSC::DFG::ByteCodeParser::parseBlock):
      (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
      (JSC::DFG::ByteCodeParser::parseCodeBlock):
      * dfg/DFGByteCodeParser.h:
      (JSC):
      * dfg/DFGCCallHelpers.h:
      (JSC::DFG::CCallHelpers::CCallHelpers):
      * dfg/DFGCapabilities.cpp:
      (JSC::DFG::canHandleOpcodes):
      * dfg/DFGConstantFoldingPhase.cpp:
      (JSC::DFG::ConstantFoldingPhase::foldConstants):
      * dfg/DFGDisassembler.cpp:
      (JSC::DFG::Disassembler::reportToProfiler):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      * dfg/DFGDriver.h:
      (JSC):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupNode):
      (JSC::DFG::FixupPhase::isStringPrototypeMethodSane):
      (JSC::DFG::FixupPhase::canOptimizeStringObjectAccess):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::Graph):
      * dfg/DFGGraph.h:
      (Graph):
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::JITCompiler):
      (JSC::DFG::JITCompiler::linkOSRExits):
      (JSC::DFG::JITCompiler::link):
      (JSC::DFG::JITCompiler::compile):
      (JSC::DFG::JITCompiler::compileFunction):
      * dfg/DFGJITCompiler.h:
      (JSC):
      * dfg/DFGOSREntry.cpp:
      (JSC::DFG::prepareOSREntry):
      * dfg/DFGOSRExitCompiler.cpp:
      * dfg/DFGOSRExitCompiler32_64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOSRExitCompiler64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOperations.cpp:
      (JSC::DFG::putByVal):
      (JSC::DFG::operationPutByValInternal):
      (JSC::getHostCallReturnValueWithExecState):
      * dfg/DFGPhase.h:
      (JSC::DFG::Phase::vm):
      * dfg/DFGRepatch.cpp:
      (JSC::DFG::generateProtoChainAccessStub):
      (JSC::DFG::tryCacheGetByID):
      (JSC::DFG::tryBuildGetByIDList):
      (JSC::DFG::tryBuildGetByIDProtoList):
      (JSC::DFG::emitPutReplaceStub):
      (JSC::DFG::emitPutTransitionStub):
      (JSC::DFG::tryCachePutByID):
      (JSC::DFG::tryBuildPutByIdList):
      (JSC::DFG::linkSlowFor):
      (JSC::DFG::dfgLinkFor):
      (JSC::DFG::dfgLinkSlowFor):
      (JSC::DFG::dfgLinkClosureCall):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::typedArrayDescriptor):
      (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectEquality):
      (JSC::DFG::SpeculativeJIT::compileGetByValOnString):
      (JSC::DFG::SpeculativeJIT::compileFromCharCode):
      (JSC::DFG::SpeculativeJIT::compileMakeRope):
      (JSC::DFG::SpeculativeJIT::compileStringEquality):
      (JSC::DFG::SpeculativeJIT::compileToStringOnCell):
      (JSC::DFG::SpeculativeJIT::speculateObject):
      (JSC::DFG::SpeculativeJIT::speculateObjectOrOther):
      (JSC::DFG::SpeculativeJIT::speculateString):
      (JSC::DFG::SpeculativeJIT::speculateStringOrStringObject):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::prepareForExternalCall):
      (JSC::DFG::SpeculativeJIT::emitAllocateBasicStorage):
      (JSC::DFG::SpeculativeJIT::emitAllocateJSObject):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compileObjectEquality):
      (JSC::DFG::SpeculativeJIT::compileObjectToObjectOrOtherEquality):
      (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectToObjectOrOtherEquality):
      (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
      (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compileObjectEquality):
      (JSC::DFG::SpeculativeJIT::compileObjectToObjectOrOtherEquality):
      (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectToObjectOrOtherEquality):
      (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
      (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGThunks.cpp:
      (JSC::DFG::osrExitGenerationThunkGenerator):
      (JSC::DFG::throwExceptionFromCallSlowPathGenerator):
      (JSC::DFG::slowPathFor):
      (JSC::DFG::linkForThunkGenerator):
      (JSC::DFG::linkCallThunkGenerator):
      (JSC::DFG::linkConstructThunkGenerator):
      (JSC::DFG::linkClosureCallThunkGenerator):
      (JSC::DFG::virtualForThunkGenerator):
      (JSC::DFG::virtualCallThunkGenerator):
      (JSC::DFG::virtualConstructThunkGenerator):
      * dfg/DFGThunks.h:
      (JSC):
      (DFG):
      * heap/BlockAllocator.h:
      (JSC):
      * heap/CopiedSpace.cpp:
      (JSC::CopiedSpace::tryAllocateSlowCase):
      (JSC::CopiedSpace::tryReallocate):
      * heap/CopiedSpaceInlines.h:
      (JSC::CopiedSpace::tryAllocate):
      * heap/GCThreadSharedData.cpp:
      (JSC::GCThreadSharedData::GCThreadSharedData):
      (JSC::GCThreadSharedData::reset):
      * heap/GCThreadSharedData.h:
      (JSC):
      (GCThreadSharedData):
      * heap/HandleSet.cpp:
      (JSC::HandleSet::HandleSet):
      (JSC::HandleSet::~HandleSet):
      (JSC::HandleSet::grow):
      * heap/HandleSet.h:
      (JSC):
      (HandleSet):
      (JSC::HandleSet::vm):
      * heap/Heap.cpp:
      (JSC::Heap::Heap):
      (JSC):
      (JSC::Heap::lastChanceToFinalize):
      (JSC::Heap::protect):
      (JSC::Heap::unprotect):
      (JSC::Heap::stack):
      (JSC::Heap::getConservativeRegisterRoots):
      (JSC::Heap::markRoots):
      (JSC::Heap::deleteAllCompiledCode):
      (JSC::Heap::collect):
      (JSC::Heap::isValidAllocation):
      * heap/Heap.h:
      (JSC):
      (Heap):
      (JSC::Heap::vm):
      * heap/HeapTimer.cpp:
      (JSC::HeapTimer::HeapTimer):
      (JSC::HeapTimer::timerDidFire):
      (JSC::HeapTimer::timerEvent):
      * heap/HeapTimer.h:
      (JSC):
      (HeapTimer):
      * heap/IncrementalSweeper.cpp:
      (JSC::IncrementalSweeper::IncrementalSweeper):
      (JSC::IncrementalSweeper::sweepNextBlock):
      (JSC::IncrementalSweeper::willFinishSweeping):
      (JSC::IncrementalSweeper::create):
      * heap/IncrementalSweeper.h:
      (IncrementalSweeper):
      * heap/Local.h:
      (Local):
      (JSC::::Local):
      (JSC::LocalStack::LocalStack):
      (JSC::LocalStack::push):
      (LocalStack):
      * heap/LocalScope.h:
      (JSC):
      (LocalScope):
      (JSC::LocalScope::LocalScope):
      * heap/MachineStackMarker.cpp:
      (JSC::MachineThreads::addCurrentThread):
      * heap/MarkedAllocator.cpp:
      (JSC::MarkedAllocator::allocateSlowCase):
      * heap/MarkedBlock.cpp:
      (JSC::MarkedBlock::MarkedBlock):
      * heap/MarkedBlock.h:
      (JSC::MarkedBlock::vm):
      * heap/SlotVisitor.cpp:
      (JSC::SlotVisitor::SlotVisitor):
      (JSC::SlotVisitor::setup):
      * heap/Strong.h:
      (JSC):
      (Strong):
      (JSC::Strong::operator=):
      * heap/StrongInlines.h:
      (JSC::::Strong):
      (JSC::::set):
      * heap/SuperRegion.h:
      (JSC):
      * heap/WeakSet.cpp:
      * heap/WeakSet.h:
      (WeakSet):
      (JSC::WeakSet::WeakSet):
      (JSC::WeakSet::vm):
      * interpreter/AbstractPC.cpp:
      (JSC::AbstractPC::AbstractPC):
      * interpreter/AbstractPC.h:
      (JSC):
      (AbstractPC):
      * interpreter/CachedCall.h:
      (JSC::CachedCall::CachedCall):
      * interpreter/CallFrame.h:
      (ExecState):
      (JSC::ExecState::clearException):
      (JSC::ExecState::clearSupplementaryExceptionInfo):
      (JSC::ExecState::exception):
      (JSC::ExecState::hadException):
      (JSC::ExecState::propertyNames):
      (JSC::ExecState::emptyList):
      (JSC::ExecState::interpreter):
      (JSC::ExecState::heap):
      (JSC::ExecState::arrayConstructorTable):
      (JSC::ExecState::arrayPrototypeTable):
      (JSC::ExecState::booleanPrototypeTable):
      (JSC::ExecState::dateTable):
      (JSC::ExecState::dateConstructorTable):
      (JSC::ExecState::errorPrototypeTable):
      (JSC::ExecState::globalObjectTable):
      (JSC::ExecState::jsonTable):
      (JSC::ExecState::mathTable):
      (JSC::ExecState::numberConstructorTable):
      (JSC::ExecState::numberPrototypeTable):
      (JSC::ExecState::objectConstructorTable):
      (JSC::ExecState::privateNamePrototypeTable):
      (JSC::ExecState::regExpTable):
      (JSC::ExecState::regExpConstructorTable):
      (JSC::ExecState::regExpPrototypeTable):
      (JSC::ExecState::stringConstructorTable):
      (JSC::ExecState::abstractReturnPC):
      * interpreter/CallFrameClosure.h:
      (CallFrameClosure):
      * interpreter/Interpreter.cpp:
      (JSC):
      (JSC::eval):
      (JSC::loadVarargs):
      (JSC::Interpreter::Interpreter):
      (JSC::Interpreter::dumpRegisters):
      (JSC::Interpreter::unwindCallFrame):
      (JSC::appendSourceToError):
      (JSC::getCallerInfo):
      (JSC::Interpreter::getStackTrace):
      (JSC::Interpreter::addStackTraceIfNecessary):
      (JSC::Interpreter::throwException):
      (JSC::Interpreter::execute):
      (JSC::Interpreter::executeCall):
      (JSC::Interpreter::executeConstruct):
      (JSC::Interpreter::prepareForRepeatCall):
      (JSC::Interpreter::retrieveArgumentsFromVMCode):
      (JSC::Interpreter::retrieveCallerFromVMCode):
      * interpreter/Interpreter.h:
      (JSC):
      (JSC::TopCallFrameSetter::TopCallFrameSetter):
      (JSC::TopCallFrameSetter::~TopCallFrameSetter):
      (TopCallFrameSetter):
      (JSC::NativeCallFrameTracer::NativeCallFrameTracer):
      (Interpreter):
      * interpreter/JSStack.cpp:
      (JSC::JSStack::JSStack):
      * interpreter/JSStack.h:
      (JSC):
      * jit/ClosureCallStubRoutine.cpp:
      (JSC::ClosureCallStubRoutine::ClosureCallStubRoutine):
      * jit/ClosureCallStubRoutine.h:
      (ClosureCallStubRoutine):
      * jit/ExecutableAllocator.cpp:
      (JSC::ExecutableAllocator::ExecutableAllocator):
      (JSC::ExecutableAllocator::allocate):
      * jit/ExecutableAllocator.h:
      (JSC):
      (ExecutableAllocator):
      * jit/ExecutableAllocatorFixedVMPool.cpp:
      (JSC::ExecutableAllocator::ExecutableAllocator):
      (JSC::ExecutableAllocator::allocate):
      * jit/GCAwareJITStubRoutine.cpp:
      (JSC::GCAwareJITStubRoutine::GCAwareJITStubRoutine):
      (JSC::MarkingGCAwareJITStubRoutineWithOneObject::MarkingGCAwareJITStubRoutineWithOneObject):
      (JSC::createJITStubRoutine):
      * jit/GCAwareJITStubRoutine.h:
      (GCAwareJITStubRoutine):
      (MarkingGCAwareJITStubRoutineWithOneObject):
      (JSC):
      * jit/JIT.cpp:
      (JSC::JIT::JIT):
      (JSC::JIT::privateCompile):
      (JSC::JIT::linkFor):
      (JSC::JIT::linkSlowCall):
      * jit/JIT.h:
      (JSC::JIT::compile):
      (JSC::JIT::compileClosureCall):
      (JSC::JIT::compileGetByIdProto):
      (JSC::JIT::compileGetByIdSelfList):
      (JSC::JIT::compileGetByIdProtoList):
      (JSC::JIT::compileGetByIdChainList):
      (JSC::JIT::compileGetByIdChain):
      (JSC::JIT::compilePutByIdTransition):
      (JSC::JIT::compileGetByVal):
      (JSC::JIT::compilePutByVal):
      (JSC::JIT::compileCTINativeCall):
      (JSC::JIT::compilePatchGetArrayLength):
      (JIT):
      * jit/JITCall.cpp:
      (JSC::JIT::compileLoadVarargs):
      (JSC::JIT::compileCallEvalSlowCase):
      (JSC::JIT::compileOpCallSlowCase):
      (JSC::JIT::privateCompileClosureCall):
      * jit/JITCall32_64.cpp:
      (JSC::JIT::compileLoadVarargs):
      (JSC::JIT::compileCallEvalSlowCase):
      (JSC::JIT::compileOpCallSlowCase):
      (JSC::JIT::privateCompileClosureCall):
      * jit/JITCode.h:
      (JSC):
      (JSC::JITCode::execute):
      * jit/JITDriver.h:
      (JSC::jitCompileIfAppropriate):
      (JSC::jitCompileFunctionIfAppropriate):
      * jit/JITExceptions.cpp:
      (JSC::genericThrow):
      (JSC::jitThrow):
      * jit/JITExceptions.h:
      (JSC):
      * jit/JITInlines.h:
      (JSC::JIT::emitLoadCharacterString):
      (JSC::JIT::updateTopCallFrame):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::privateCompileCTINativeCall):
      (JSC::JIT::emit_op_new_object):
      (JSC::JIT::emit_op_to_primitive):
      (JSC::JIT::emit_op_catch):
      (JSC::JIT::emit_op_convert_this):
      (JSC::JIT::emitSlow_op_convert_this):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::privateCompileCTINativeCall):
      (JSC::JIT::emit_op_new_object):
      (JSC::JIT::emit_op_to_primitive):
      (JSC::JIT::emitSlow_op_eq):
      (JSC::JIT::emitSlow_op_neq):
      (JSC::JIT::compileOpStrictEq):
      (JSC::JIT::emit_op_catch):
      (JSC::JIT::emit_op_convert_this):
      (JSC::JIT::emitSlow_op_convert_this):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::stringGetByValStubGenerator):
      (JSC::JIT::emitSlow_op_get_by_val):
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::privateCompilePutByIdTransition):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      (JSC::JIT::privateCompileGetByVal):
      (JSC::JIT::privateCompilePutByVal):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::stringGetByValStubGenerator):
      (JSC::JIT::emitSlow_op_get_by_val):
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::privateCompilePutByIdTransition):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      * jit/JITStubs.cpp:
      (JSC::ctiTrampoline):
      (JSC):
      (JSC::performPlatformSpecificJITAssertions):
      (JSC::tryCachePutByID):
      (JSC::tryCacheGetByID):
      (JSC::returnToThrowTrampoline):
      (JSC::throwExceptionFromOpCall):
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC::getPolymorphicAccessStructureListSlot):
      (JSC::jitCompileFor):
      (JSC::lazyLinkFor):
      (JSC::putByVal):
      * jit/JITStubs.h:
      (JSC):
      (JITStackFrame):
      * jit/JITThunks.cpp:
      (JSC::JITThunks::ctiNativeCall):
      (JSC::JITThunks::ctiNativeConstruct):
      (JSC::JITThunks::ctiStub):
      (JSC::JITThunks::hostFunctionStub):
      * jit/JITThunks.h:
      (JSC):
      (JITThunks):
      * jit/JITWriteBarrier.h:
      (JSC):
      (JSC::JITWriteBarrierBase::set):
      (JSC::JITWriteBarrier::set):
      * jit/SpecializedThunkJIT.h:
      (JSC::SpecializedThunkJIT::loadJSStringArgument):
      (JSC::SpecializedThunkJIT::finalize):
      * jit/ThunkGenerator.h:
      (JSC):
      * jit/ThunkGenerators.cpp:
      (JSC::generateSlowCaseFor):
      (JSC::linkForGenerator):
      (JSC::linkCallGenerator):
      (JSC::linkConstructGenerator):
      (JSC::linkClosureCallGenerator):
      (JSC::virtualForGenerator):
      (JSC::virtualCallGenerator):
      (JSC::virtualConstructGenerator):
      (JSC::stringLengthTrampolineGenerator):
      (JSC::nativeForGenerator):
      (JSC::nativeCallGenerator):
      (JSC::nativeConstructGenerator):
      (JSC::stringCharLoad):
      (JSC::charToString):
      (JSC::charCodeAtThunkGenerator):
      (JSC::charAtThunkGenerator):
      (JSC::fromCharCodeThunkGenerator):
      (JSC::sqrtThunkGenerator):
      (JSC::floorThunkGenerator):
      (JSC::ceilThunkGenerator):
      (JSC::roundThunkGenerator):
      (JSC::expThunkGenerator):
      (JSC::logThunkGenerator):
      (JSC::absThunkGenerator):
      (JSC::powThunkGenerator):
      * jit/ThunkGenerators.h:
      (JSC):
      * jsc.cpp:
      (GlobalObject):
      (GlobalObject::create):
      (GlobalObject::createStructure):
      (GlobalObject::finishCreation):
      (GlobalObject::addFunction):
      (GlobalObject::addConstructableFunction):
      (functionDumpCallFrame):
      (functionJSCStack):
      (functionReleaseExecutableMemory):
      (functionRun):
      (main):
      (runWithScripts):
      (jscmain):
      * llint/LLIntData.cpp:
      (JSC::LLInt::Data::performAssertions):
      * llint/LLIntData.h:
      (JSC):
      (Data):
      (JSC::LLInt::Data::performAssertions):
      * llint/LLIntEntrypoints.cpp:
      (JSC::LLInt::getFunctionEntrypoint):
      (JSC::LLInt::getEvalEntrypoint):
      (JSC::LLInt::getProgramEntrypoint):
      * llint/LLIntEntrypoints.h:
      (JSC):
      (LLInt):
      (JSC::LLInt::getEntrypoint):
      * llint/LLIntExceptions.cpp:
      (JSC::LLInt::interpreterThrowInCaller):
      (JSC::LLInt::returnToThrow):
      (JSC::LLInt::callToThrow):
      * llint/LLIntOffsetsExtractor.cpp:
      * llint/LLIntSlowPaths.cpp:
      (LLInt):
      (JSC::LLInt::llint_trace_operand):
      (JSC::LLInt::llint_trace_value):
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      (JSC::LLInt::shouldJIT):
      (JSC::LLInt::handleHostCall):
      (JSC::LLInt::setUpCall):
      * llint/LLIntThunks.cpp:
      (JSC::LLInt::generateThunkWithJumpTo):
      (JSC::LLInt::functionForCallEntryThunkGenerator):
      (JSC::LLInt::functionForConstructEntryThunkGenerator):
      (JSC::LLInt::functionForCallArityCheckThunkGenerator):
      (JSC::LLInt::functionForConstructArityCheckThunkGenerator):
      (JSC::LLInt::evalEntryThunkGenerator):
      (JSC::LLInt::programEntryThunkGenerator):
      * llint/LLIntThunks.h:
      (JSC):
      (LLInt):
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter.cpp:
      (JSC::CLoop::execute):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * offlineasm/cloop.rb:
      * parser/ASTBuilder.h:
      (JSC::ASTBuilder::ASTBuilder):
      (JSC::ASTBuilder::createSourceElements):
      (JSC::ASTBuilder::createCommaExpr):
      (JSC::ASTBuilder::createLogicalNot):
      (JSC::ASTBuilder::createUnaryPlus):
      (JSC::ASTBuilder::createVoid):
      (JSC::ASTBuilder::thisExpr):
      (JSC::ASTBuilder::createResolve):
      (JSC::ASTBuilder::createObjectLiteral):
      (JSC::ASTBuilder::createArray):
      (JSC::ASTBuilder::createNumberExpr):
      (JSC::ASTBuilder::createString):
      (JSC::ASTBuilder::createBoolean):
      (JSC::ASTBuilder::createNull):
      (JSC::ASTBuilder::createBracketAccess):
      (JSC::ASTBuilder::createDotAccess):
      (JSC::ASTBuilder::createRegExp):
      (JSC::ASTBuilder::createNewExpr):
      (JSC::ASTBuilder::createConditionalExpr):
      (JSC::ASTBuilder::createAssignResolve):
      (JSC::ASTBuilder::createFunctionExpr):
      (JSC::ASTBuilder::createFunctionBody):
      (JSC::ASTBuilder::createGetterOrSetterProperty):
      (JSC::ASTBuilder::createArguments):
      (JSC::ASTBuilder::createArgumentsList):
      (JSC::ASTBuilder::createProperty):
      (JSC::ASTBuilder::createPropertyList):
      (JSC::ASTBuilder::createElementList):
      (JSC::ASTBuilder::createFormalParameterList):
      (JSC::ASTBuilder::createClause):
      (JSC::ASTBuilder::createClauseList):
      (JSC::ASTBuilder::createFuncDeclStatement):
      (JSC::ASTBuilder::createBlockStatement):
      (JSC::ASTBuilder::createExprStatement):
      (JSC::ASTBuilder::createIfStatement):
      (JSC::ASTBuilder::createForLoop):
      (JSC::ASTBuilder::createForInLoop):
      (JSC::ASTBuilder::createEmptyStatement):
      (JSC::ASTBuilder::createVarStatement):
      (JSC::ASTBuilder::createReturnStatement):
      (JSC::ASTBuilder::createBreakStatement):
      (JSC::ASTBuilder::createContinueStatement):
      (JSC::ASTBuilder::createTryStatement):
      (JSC::ASTBuilder::createSwitchStatement):
      (JSC::ASTBuilder::createWhileStatement):
      (JSC::ASTBuilder::createDoWhileStatement):
      (JSC::ASTBuilder::createLabelStatement):
      (JSC::ASTBuilder::createWithStatement):
      (JSC::ASTBuilder::createThrowStatement):
      (JSC::ASTBuilder::createDebugger):
      (JSC::ASTBuilder::createConstStatement):
      (JSC::ASTBuilder::appendConstDecl):
      (JSC::ASTBuilder::addVar):
      (JSC::ASTBuilder::combineCommaNodes):
      (JSC::ASTBuilder::Scope::Scope):
      (JSC::ASTBuilder::createNumber):
      (ASTBuilder):
      (JSC::ASTBuilder::makeTypeOfNode):
      (JSC::ASTBuilder::makeDeleteNode):
      (JSC::ASTBuilder::makeNegateNode):
      (JSC::ASTBuilder::makeBitwiseNotNode):
      (JSC::ASTBuilder::makeMultNode):
      (JSC::ASTBuilder::makeDivNode):
      (JSC::ASTBuilder::makeModNode):
      (JSC::ASTBuilder::makeAddNode):
      (JSC::ASTBuilder::makeSubNode):
      (JSC::ASTBuilder::makeLeftShiftNode):
      (JSC::ASTBuilder::makeRightShiftNode):
      (JSC::ASTBuilder::makeURightShiftNode):
      (JSC::ASTBuilder::makeBitOrNode):
      (JSC::ASTBuilder::makeBitAndNode):
      (JSC::ASTBuilder::makeBitXOrNode):
      (JSC::ASTBuilder::makeFunctionCallNode):
      (JSC::ASTBuilder::makeBinaryNode):
      (JSC::ASTBuilder::makeAssignNode):
      (JSC::ASTBuilder::makePrefixNode):
      (JSC::ASTBuilder::makePostfixNode):
      * parser/Lexer.cpp:
      (JSC::Keywords::Keywords):
      (JSC::::Lexer):
      (JSC::::parseIdentifier):
      (JSC::::parseIdentifierSlowCase):
      * parser/Lexer.h:
      (JSC::Keywords::isKeyword):
      (JSC::Keywords::getKeyword):
      (Keywords):
      (Lexer):
      (JSC::::makeIdentifier):
      (JSC::::makeRightSizedIdentifier):
      (JSC::::makeIdentifierLCharFromUChar):
      (JSC::::makeLCharIdentifier):
      * parser/NodeConstructors.h:
      (JSC::ParserArenaFreeable::operator new):
      (JSC::ParserArenaDeletable::operator new):
      (JSC::ParserArenaRefCounted::ParserArenaRefCounted):
      (JSC::PropertyNode::PropertyNode):
      (JSC::ContinueNode::ContinueNode):
      (JSC::BreakNode::BreakNode):
      (JSC::ForInNode::ForInNode):
      * parser/Nodes.cpp:
      (JSC::ScopeNode::ScopeNode):
      (JSC::ProgramNode::ProgramNode):
      (JSC::ProgramNode::create):
      (JSC::EvalNode::EvalNode):
      (JSC::EvalNode::create):
      (JSC::FunctionBodyNode::FunctionBodyNode):
      (JSC::FunctionBodyNode::create):
      * parser/Nodes.h:
      (ParserArenaFreeable):
      (ParserArenaDeletable):
      (ParserArenaRefCounted):
      (ArrayNode):
      (ForInNode):
      (ContinueNode):
      (BreakNode):
      (ScopeNode):
      (ProgramNode):
      (EvalNode):
      (FunctionBodyNode):
      * parser/Parser.cpp:
      (JSC::::Parser):
      (JSC::::parseInner):
      (JSC::::parseSourceElements):
      (JSC::::parseTryStatement):
      (JSC::::parseFunctionBody):
      (JSC::::parseFunctionInfo):
      (JSC::::parseAssignmentExpression):
      (JSC::::parseProperty):
      (JSC::::parsePrimaryExpression):
      (JSC::::parseMemberExpression):
      (JSC::::parseUnaryExpression):
      * parser/Parser.h:
      (JSC):
      (JSC::Scope::Scope):
      (JSC::Scope::declareVariable):
      (JSC::Scope::declareParameter):
      (Scope):
      (Parser):
      (JSC::Parser::pushScope):
      (JSC::::parse):
      (JSC::parse):
      * parser/ParserArena.h:
      (IdentifierArena):
      (JSC::IdentifierArena::makeIdentifier):
      (JSC::IdentifierArena::makeIdentifierLCharFromUChar):
      (JSC::IdentifierArena::makeNumericIdentifier):
      * parser/SyntaxChecker.h:
      (JSC::SyntaxChecker::SyntaxChecker):
      (JSC::SyntaxChecker::createProperty):
      (JSC::SyntaxChecker::createGetterOrSetterProperty):
      * profiler/LegacyProfiler.cpp:
      (JSC::LegacyProfiler::startProfiling):
      (JSC::LegacyProfiler::stopProfiling):
      * profiler/LegacyProfiler.h:
      (JSC):
      * profiler/ProfilerBytecode.cpp:
      (JSC::Profiler::Bytecode::toJS):
      * profiler/ProfilerBytecodeSequence.cpp:
      (JSC::Profiler::BytecodeSequence::BytecodeSequence):
      (JSC::Profiler::BytecodeSequence::addSequenceProperties):
      * profiler/ProfilerBytecodes.cpp:
      (JSC::Profiler::Bytecodes::toJS):
      * profiler/ProfilerCompilation.cpp:
      (JSC::Profiler::Compilation::toJS):
      * profiler/ProfilerCompiledBytecode.cpp:
      (JSC::Profiler::CompiledBytecode::toJS):
      * profiler/ProfilerDatabase.cpp:
      (JSC::Profiler::Database::Database):
      (JSC::Profiler::Database::toJS):
      (JSC::Profiler::Database::toJSON):
      * profiler/ProfilerDatabase.h:
      (Database):
      * profiler/ProfilerOSRExit.cpp:
      (JSC::Profiler::OSRExit::toJS):
      * profiler/ProfilerOrigin.cpp:
      (JSC::Profiler::Origin::toJS):
      * profiler/ProfilerProfiledBytecodes.cpp:
      (JSC::Profiler::ProfiledBytecodes::toJS):
      * runtime/ArgList.h:
      (MarkedArgumentBuffer):
      * runtime/Arguments.cpp:
      (JSC::Arguments::putByIndex):
      (JSC::Arguments::put):
      (JSC::Arguments::deleteProperty):
      (JSC::Arguments::defineOwnProperty):
      (JSC::Arguments::tearOff):
      (JSC::Arguments::didTearOffActivation):
      (JSC::Arguments::tearOffForInlineCallFrame):
      * runtime/Arguments.h:
      (JSC::Arguments::create):
      (JSC::Arguments::createStructure):
      (Arguments):
      (JSC::Arguments::Arguments):
      (JSC::Arguments::trySetArgument):
      (JSC::Arguments::finishCreation):
      * runtime/ArrayConstructor.cpp:
      (JSC::ArrayConstructor::finishCreation):
      * runtime/ArrayConstructor.h:
      (JSC::ArrayConstructor::createStructure):
      * runtime/ArrayPrototype.cpp:
      (JSC::ArrayPrototype::ArrayPrototype):
      (JSC::ArrayPrototype::finishCreation):
      (JSC::arrayProtoFuncSort):
      (JSC::arrayProtoFuncSplice):
      * runtime/ArrayPrototype.h:
      (JSC::ArrayPrototype::createStructure):
      * runtime/BatchedTransitionOptimizer.h:
      (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
      (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
      (BatchedTransitionOptimizer):
      * runtime/BooleanConstructor.cpp:
      (JSC::BooleanConstructor::finishCreation):
      (JSC::constructBoolean):
      (JSC::constructBooleanFromImmediateBoolean):
      * runtime/BooleanConstructor.h:
      (JSC::BooleanConstructor::createStructure):
      * runtime/BooleanObject.cpp:
      (JSC::BooleanObject::BooleanObject):
      (JSC::BooleanObject::finishCreation):
      * runtime/BooleanObject.h:
      (BooleanObject):
      (JSC::BooleanObject::create):
      (JSC::BooleanObject::createStructure):
      * runtime/BooleanPrototype.cpp:
      (JSC::BooleanPrototype::BooleanPrototype):
      (JSC::BooleanPrototype::finishCreation):
      (JSC::booleanProtoFuncToString):
      * runtime/BooleanPrototype.h:
      (JSC::BooleanPrototype::createStructure):
      * runtime/Butterfly.h:
      (JSC):
      (Butterfly):
      * runtime/ButterflyInlines.h:
      (JSC::Butterfly::createUninitialized):
      (JSC::Butterfly::create):
      (JSC::Butterfly::growPropertyStorage):
      (JSC::Butterfly::createOrGrowArrayRight):
      (JSC::Butterfly::growArrayRight):
      (JSC::Butterfly::resizeArray):
      * runtime/CodeCache.cpp:
      (JSC::CodeCache::getCodeBlock):
      (JSC::CodeCache::getProgramCodeBlock):
      (JSC::CodeCache::getEvalCodeBlock):
      (JSC::CodeCache::getFunctionExecutableFromGlobalCode):
      * runtime/CodeCache.h:
      (JSC):
      (JSC::SourceCodeValue::SourceCodeValue):
      (CodeCache):
      * runtime/CommonIdentifiers.cpp:
      (JSC):
      (JSC::CommonIdentifiers::CommonIdentifiers):
      * runtime/CommonIdentifiers.h:
      (CommonIdentifiers):
      * runtime/CommonSlowPaths.h:
      (JSC::CommonSlowPaths::opIn):
      * runtime/Completion.cpp:
      (JSC::checkSyntax):
      (JSC::evaluate):
      * runtime/DateConstructor.cpp:
      (JSC::DateConstructor::finishCreation):
      * runtime/DateConstructor.h:
      (JSC::DateConstructor::createStructure):
      * runtime/DateInstance.cpp:
      (JSC::DateInstance::DateInstance):
      (JSC::DateInstance::finishCreation):
      (JSC::DateInstance::calculateGregorianDateTime):
      (JSC::DateInstance::calculateGregorianDateTimeUTC):
      * runtime/DateInstance.h:
      (DateInstance):
      (JSC::DateInstance::create):
      (JSC::DateInstance::createStructure):
      * runtime/DatePrototype.cpp:
      (JSC::DatePrototype::finishCreation):
      (JSC::dateProtoFuncSetTime):
      (JSC::setNewValueFromTimeArgs):
      (JSC::setNewValueFromDateArgs):
      (JSC::dateProtoFuncSetYear):
      (JSC::dateProtoFuncToJSON):
      * runtime/DatePrototype.h:
      (JSC::DatePrototype::createStructure):
      * runtime/Error.cpp:
      (JSC::createError):
      (JSC::createEvalError):
      (JSC::createRangeError):
      (JSC::createReferenceError):
      (JSC::createSyntaxError):
      (JSC::createTypeError):
      (JSC::createURIError):
      (JSC::addErrorInfo):
      (JSC::throwError):
      * runtime/Error.h:
      (JSC):
      (JSC::StrictModeTypeErrorFunction::create):
      (JSC::StrictModeTypeErrorFunction::createStructure):
      * runtime/ErrorConstructor.cpp:
      (JSC::ErrorConstructor::finishCreation):
      * runtime/ErrorConstructor.h:
      (JSC::ErrorConstructor::createStructure):
      * runtime/ErrorInstance.cpp:
      (JSC::ErrorInstance::ErrorInstance):
      * runtime/ErrorInstance.h:
      (JSC::ErrorInstance::createStructure):
      (JSC::ErrorInstance::create):
      (ErrorInstance):
      (JSC::ErrorInstance::finishCreation):
      * runtime/ErrorPrototype.cpp:
      (JSC::ErrorPrototype::ErrorPrototype):
      (JSC::ErrorPrototype::finishCreation):
      * runtime/ErrorPrototype.h:
      (JSC::ErrorPrototype::createStructure):
      * runtime/ExceptionHelpers.cpp:
      (JSC::createInterruptedExecutionException):
      (JSC::createTerminatedExecutionException):
      * runtime/ExceptionHelpers.h:
      (JSC):
      (JSC::InterruptedExecutionError::InterruptedExecutionError):
      (JSC::InterruptedExecutionError::create):
      (JSC::InterruptedExecutionError::createStructure):
      (JSC::TerminatedExecutionError::TerminatedExecutionError):
      (JSC::TerminatedExecutionError::create):
      (JSC::TerminatedExecutionError::createStructure):
      * runtime/Executable.cpp:
      (JSC::jettisonCodeBlock):
      (JSC::EvalExecutable::EvalExecutable):
      (JSC::ProgramExecutable::ProgramExecutable):
      (JSC::FunctionExecutable::FunctionExecutable):
      (JSC::EvalExecutable::compileOptimized):
      (JSC::EvalExecutable::compileInternal):
      (JSC::EvalExecutable::jettisonOptimizedCode):
      (JSC::ProgramExecutable::checkSyntax):
      (JSC::ProgramExecutable::compileOptimized):
      (JSC::ProgramExecutable::jettisonOptimizedCode):
      (JSC::ProgramExecutable::initializeGlobalProperties):
      (JSC::FunctionExecutable::compileOptimizedForCall):
      (JSC::FunctionExecutable::compileOptimizedForConstruct):
      (JSC::FunctionExecutable::produceCodeBlockFor):
      (JSC::FunctionExecutable::jettisonOptimizedCodeForCall):
      (JSC::FunctionExecutable::jettisonOptimizedCodeForConstruct):
      (JSC::FunctionExecutable::fromGlobalCode):
      * runtime/Executable.h:
      (JSC::ExecutableBase::ExecutableBase):
      (JSC::ExecutableBase::finishCreation):
      (JSC::ExecutableBase::createStructure):
      (JSC::NativeExecutable::create):
      (JSC::NativeExecutable::createStructure):
      (JSC::NativeExecutable::finishCreation):
      (JSC::NativeExecutable::NativeExecutable):
      (JSC::ScriptExecutable::ScriptExecutable):
      (JSC::ScriptExecutable::finishCreation):
      (JSC::EvalExecutable::compile):
      (EvalExecutable):
      (JSC::EvalExecutable::create):
      (JSC::EvalExecutable::createStructure):
      (JSC::ProgramExecutable::create):
      (ProgramExecutable):
      (JSC::ProgramExecutable::compile):
      (JSC::ProgramExecutable::createStructure):
      (JSC::FunctionExecutable::create):
      (JSC::FunctionExecutable::compileForCall):
      (FunctionExecutable):
      (JSC::FunctionExecutable::compileForConstruct):
      (JSC::FunctionExecutable::jettisonOptimizedCodeFor):
      (JSC::FunctionExecutable::createStructure):
      (JSC::JSFunction::JSFunction):
      * runtime/ExecutionHarness.h:
      (JSC::prepareForExecution):
      (JSC::prepareFunctionForExecution):
      * runtime/FunctionConstructor.cpp:
      (JSC::FunctionConstructor::finishCreation):
      * runtime/FunctionConstructor.h:
      (JSC::FunctionConstructor::createStructure):
      * runtime/FunctionPrototype.cpp:
      (JSC::FunctionPrototype::finishCreation):
      (JSC::FunctionPrototype::addFunctionProperties):
      (JSC::functionProtoFuncBind):
      * runtime/FunctionPrototype.h:
      (JSC::FunctionPrototype::createStructure):
      * runtime/GCActivityCallback.cpp:
      (JSC::DefaultGCActivityCallback::DefaultGCActivityCallback):
      (JSC::DefaultGCActivityCallback::doWork):
      (JSC::DefaultGCActivityCallback::didAllocate):
      * runtime/GCActivityCallback.h:
      (JSC::GCActivityCallback::GCActivityCallback):
      * runtime/GCActivityCallbackBlackBerry.cpp:
      (JSC::DefaultGCActivityCallback::DefaultGCActivityCallback):
      (JSC::DefaultGCActivityCallback::doWork):
      (JSC::DefaultGCActivityCallback::didAllocate):
      * runtime/GetterSetter.h:
      (JSC::GetterSetter::GetterSetter):
      (JSC::GetterSetter::create):
      (JSC::GetterSetter::setGetter):
      (JSC::GetterSetter::setSetter):
      (JSC::GetterSetter::createStructure):
      * runtime/Identifier.cpp:
      (JSC::Identifier::add):
      (JSC::Identifier::add8):
      (JSC::Identifier::addSlowCase):
      (JSC::Identifier::from):
      (JSC::Identifier::checkCurrentIdentifierTable):
      * runtime/Identifier.h:
      (JSC::Identifier::Identifier):
      (JSC::Identifier::createLCharFromUChar):
      (Identifier):
      (JSC::Identifier::add):
      * runtime/InternalFunction.cpp:
      (JSC::InternalFunction::InternalFunction):
      (JSC::InternalFunction::finishCreation):
      (JSC::InternalFunction::name):
      (JSC::InternalFunction::displayName):
      * runtime/InternalFunction.h:
      (JSC::InternalFunction::createStructure):
      (InternalFunction):
      * runtime/JSAPIValueWrapper.h:
      (JSC::JSAPIValueWrapper::createStructure):
      (JSC::JSAPIValueWrapper::finishCreation):
      (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
      * runtime/JSActivation.cpp:
      (JSC::JSActivation::symbolTablePut):
      (JSC::JSActivation::symbolTablePutWithAttributes):
      (JSC::JSActivation::getOwnPropertySlot):
      (JSC::JSActivation::put):
      (JSC::JSActivation::putDirectVirtual):
      (JSC::JSActivation::argumentsGetter):
      * runtime/JSActivation.h:
      (JSActivation):
      (JSC::JSActivation::create):
      (JSC::JSActivation::createStructure):
      (JSC::JSActivation::JSActivation):
      (JSC::JSActivation::tearOff):
      * runtime/JSArray.cpp:
      (JSC::createArrayButterflyInDictionaryIndexingMode):
      (JSC::JSArray::setLengthWritable):
      (JSC::JSArray::unshiftCountSlowCase):
      (JSC::JSArray::setLength):
      (JSC::JSArray::push):
      (JSC::JSArray::shiftCountWithAnyIndexingType):
      (JSC::JSArray::unshiftCountWithArrayStorage):
      (JSC::JSArray::unshiftCountWithAnyIndexingType):
      (JSC::ContiguousTypeAccessor::setWithValue):
      (JSC::JSArray::sortCompactedVector):
      (JSC::JSArray::sortVector):
      * runtime/JSArray.h:
      (JSC::JSArray::JSArray):
      (JSArray):
      (JSC::JSArray::shiftCountForShift):
      (JSC::JSArray::unshiftCountForShift):
      (JSC::JSArray::createStructure):
      (JSC::createContiguousArrayButterfly):
      (JSC::createArrayButterfly):
      (JSC):
      (JSC::JSArray::create):
      (JSC::JSArray::tryCreateUninitialized):
      (JSC::constructArray):
      * runtime/JSBoundFunction.cpp:
      (JSC::JSBoundFunction::create):
      (JSC::JSBoundFunction::JSBoundFunction):
      * runtime/JSBoundFunction.h:
      (JSC::JSBoundFunction::createStructure):
      * runtime/JSCJSValue.cpp:
      (JSC::JSValue::putToPrimitive):
      (JSC::JSValue::toStringSlowCase):
      * runtime/JSCJSValue.h:
      (JSC):
      * runtime/JSCell.h:
      (JSCell):
      * runtime/JSCellInlines.h:
      (JSC::JSCell::JSCell):
      (JSC::JSCell::finishCreation):
      (JSC::allocateCell):
      (JSC::JSCell::setStructure):
      (JSC::JSCell::fastGetOwnProperty):
      * runtime/JSDateMath.cpp:
      (JSC::getDSTOffset):
      (JSC::getUTCOffset):
      (JSC::parseDate):
      * runtime/JSDestructibleObject.h:
      (JSC::JSDestructibleObject::JSDestructibleObject):
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::create):
      (JSC::JSFunction::JSFunction):
      (JSC::JSFunction::finishCreation):
      (JSC::JSFunction::createAllocationProfile):
      (JSC::JSFunction::name):
      (JSC::JSFunction::displayName):
      (JSC::JSFunction::getOwnPropertySlot):
      (JSC::JSFunction::deleteProperty):
      * runtime/JSFunction.h:
      (JSFunction):
      (JSC::JSFunction::create):
      (JSC::JSFunction::setScope):
      (JSC::JSFunction::createStructure):
      * runtime/JSGlobalData.cpp: Removed.
      * runtime/JSGlobalData.h: Removed.
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::JSGlobalObject):
      (JSC::JSGlobalObject::~JSGlobalObject):
      (JSC::JSGlobalObject::setGlobalThis):
      (JSC::JSGlobalObject::init):
      (JSC::JSGlobalObject::putDirectVirtual):
      (JSC::JSGlobalObject::reset):
      (JSC):
      (JSC::JSGlobalObject::haveABadTime):
      (JSC::JSGlobalObject::createThrowTypeError):
      (JSC::JSGlobalObject::resetPrototype):
      (JSC::JSGlobalObject::addStaticGlobals):
      (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope):
      (JSC::JSGlobalObject::createProgramCodeBlock):
      (JSC::JSGlobalObject::createEvalCodeBlock):
      * runtime/JSGlobalObject.h:
      (JSC::JSGlobalObject::create):
      (JSGlobalObject):
      (JSC::JSGlobalObject::finishCreation):
      (JSC::JSGlobalObject::vm):
      (JSC::JSGlobalObject::createStructure):
      (JSC::ExecState::dynamicGlobalObject):
      (JSC::constructEmptyArray):
      (DynamicGlobalObjectScope):
      * runtime/JSGlobalObjectFunctions.cpp:
      (JSC::globalFuncProtoSetter):
      * runtime/JSLock.cpp:
      (JSC::JSLockHolder::JSLockHolder):
      (JSC::JSLockHolder::init):
      (JSC::JSLockHolder::~JSLockHolder):
      (JSC::JSLock::JSLock):
      (JSC::JSLock::willDestroyGlobalData):
      (JSC::JSLock::lock):
      (JSC::JSLock::unlock):
      (JSC::JSLock::DropAllLocks::DropAllLocks):
      (JSC::JSLock::DropAllLocks::~DropAllLocks):
      * runtime/JSLock.h:
      (JSC):
      (JSLockHolder):
      (JSLock):
      (JSC::JSLock::vm):
      (DropAllLocks):
      * runtime/JSNameScope.h:
      (JSC::JSNameScope::createStructure):
      (JSC::JSNameScope::finishCreation):
      (JSC::JSNameScope::JSNameScope):
      * runtime/JSNotAnObject.h:
      (JSC::JSNotAnObject::JSNotAnObject):
      (JSC::JSNotAnObject::create):
      (JSC::JSNotAnObject::createStructure):
      * runtime/JSONObject.cpp:
      (JSC::JSONObject::JSONObject):
      (JSC::JSONObject::finishCreation):
      (Holder):
      (JSC::Stringifier::Stringifier):
      (JSC::Stringifier::stringify):
      (JSC::Stringifier::toJSON):
      (JSC::Stringifier::appendStringifiedValue):
      (JSC::Stringifier::Holder::Holder):
      (JSC::Stringifier::Holder::appendNextProperty):
      (JSC::Walker::Walker):
      (JSC::Walker::walk):
      (JSC::JSONProtoFuncParse):
      (JSC::JSONProtoFuncStringify):
      (JSC::JSONStringify):
      * runtime/JSONObject.h:
      (JSC::JSONObject::createStructure):
      * runtime/JSObject.cpp:
      (JSC::JSObject::put):
      (JSC::JSObject::putByIndex):
      (JSC::JSObject::enterDictionaryIndexingModeWhenArrayStorageAlreadyExists):
      (JSC::JSObject::enterDictionaryIndexingMode):
      (JSC::JSObject::notifyPresenceOfIndexedAccessors):
      (JSC::JSObject::createInitialIndexedStorage):
      (JSC::JSObject::createInitialUndecided):
      (JSC::JSObject::createInitialInt32):
      (JSC::JSObject::createInitialDouble):
      (JSC::JSObject::createInitialContiguous):
      (JSC::JSObject::createArrayStorage):
      (JSC::JSObject::createInitialArrayStorage):
      (JSC::JSObject::convertUndecidedToInt32):
      (JSC::JSObject::convertUndecidedToDouble):
      (JSC::JSObject::convertUndecidedToContiguous):
      (JSC::JSObject::constructConvertedArrayStorageWithoutCopyingElements):
      (JSC::JSObject::convertUndecidedToArrayStorage):
      (JSC::JSObject::convertInt32ToDouble):
      (JSC::JSObject::convertInt32ToContiguous):
      (JSC::JSObject::convertInt32ToArrayStorage):
      (JSC::JSObject::genericConvertDoubleToContiguous):
      (JSC::JSObject::convertDoubleToContiguous):
      (JSC::JSObject::rageConvertDoubleToContiguous):
      (JSC::JSObject::convertDoubleToArrayStorage):
      (JSC::JSObject::convertContiguousToArrayStorage):
      (JSC::JSObject::convertUndecidedForValue):
      (JSC::JSObject::convertInt32ForValue):
      (JSC::JSObject::setIndexQuicklyToUndecided):
      (JSC::JSObject::convertInt32ToDoubleOrContiguousWhilePerformingSetIndex):
      (JSC::JSObject::convertDoubleToContiguousWhilePerformingSetIndex):
      (JSC::JSObject::ensureInt32Slow):
      (JSC::JSObject::ensureDoubleSlow):
      (JSC::JSObject::ensureContiguousSlow):
      (JSC::JSObject::rageEnsureContiguousSlow):
      (JSC::JSObject::ensureArrayStorageSlow):
      (JSC::JSObject::ensureArrayStorageExistsAndEnterDictionaryIndexingMode):
      (JSC::JSObject::switchToSlowPutArrayStorage):
      (JSC::JSObject::putDirectVirtual):
      (JSC::JSObject::setPrototype):
      (JSC::JSObject::setPrototypeWithCycleCheck):
      (JSC::JSObject::putDirectAccessor):
      (JSC::JSObject::deleteProperty):
      (JSC::JSObject::getPropertySpecificValue):
      (JSC::JSObject::getOwnNonIndexPropertyNames):
      (JSC::JSObject::seal):
      (JSC::JSObject::freeze):
      (JSC::JSObject::preventExtensions):
      (JSC::JSObject::reifyStaticFunctionsForDelete):
      (JSC::JSObject::removeDirect):
      (JSC::JSObject::putIndexedDescriptor):
      (JSC::JSObject::defineOwnIndexedProperty):
      (JSC::JSObject::allocateSparseIndexMap):
      (JSC::JSObject::putByIndexBeyondVectorLengthWithoutAttributes):
      (JSC::JSObject::putByIndexBeyondVectorLengthWithArrayStorage):
      (JSC::JSObject::putByIndexBeyondVectorLength):
      (JSC::JSObject::putDirectIndexBeyondVectorLengthWithArrayStorage):
      (JSC::JSObject::putDirectIndexBeyondVectorLength):
      (JSC::JSObject::putDirectNativeFunction):
      (JSC::JSObject::increaseVectorLength):
      (JSC::JSObject::ensureLengthSlow):
      (JSC::JSObject::growOutOfLineStorage):
      (JSC::JSObject::getOwnPropertyDescriptor):
      (JSC::putDescriptor):
      (JSC::JSObject::putDirectMayBeIndex):
      (JSC::DefineOwnPropertyScope::DefineOwnPropertyScope):
      (JSC::DefineOwnPropertyScope::~DefineOwnPropertyScope):
      (DefineOwnPropertyScope):
      (JSC::JSObject::defineOwnNonIndexProperty):
      * runtime/JSObject.h:
      (JSObject):
      (JSC::JSObject::putByIndexInline):
      (JSC::JSObject::putDirectIndex):
      (JSC::JSObject::setIndexQuickly):
      (JSC::JSObject::initializeIndex):
      (JSC::JSObject::getDirect):
      (JSC::JSObject::getDirectOffset):
      (JSC::JSObject::putDirect):
      (JSC::JSObject::isSealed):
      (JSC::JSObject::isFrozen):
      (JSC::JSObject::flattenDictionaryObject):
      (JSC::JSObject::ensureInt32):
      (JSC::JSObject::ensureDouble):
      (JSC::JSObject::ensureContiguous):
      (JSC::JSObject::rageEnsureContiguous):
      (JSC::JSObject::ensureArrayStorage):
      (JSC::JSObject::finishCreation):
      (JSC::JSObject::createStructure):
      (JSC::JSObject::ensureLength):
      (JSC::JSNonFinalObject::createStructure):
      (JSC::JSNonFinalObject::JSNonFinalObject):
      (JSC::JSNonFinalObject::finishCreation):
      (JSC::JSFinalObject::createStructure):
      (JSC::JSFinalObject::finishCreation):
      (JSC::JSFinalObject::JSFinalObject):
      (JSC::JSFinalObject::create):
      (JSC::JSObject::setButterfly):
      (JSC::JSObject::JSObject):
      (JSC::JSObject::inlineGetOwnPropertySlot):
      (JSC::JSObject::putDirectInternal):
      (JSC::JSObject::setStructureAndReallocateStorageIfNecessary):
      (JSC::JSObject::putOwnDataProperty):
      (JSC::JSObject::putDirectWithoutTransition):
      (JSC):
      * runtime/JSPropertyNameIterator.cpp:
      (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
      (JSC::JSPropertyNameIterator::create):
      * runtime/JSPropertyNameIterator.h:
      (JSC::JSPropertyNameIterator::createStructure):
      (JSC::JSPropertyNameIterator::setCachedStructure):
      (JSC::JSPropertyNameIterator::setCachedPrototypeChain):
      (JSC::JSPropertyNameIterator::finishCreation):
      (JSC::StructureRareData::setEnumerationCache):
      * runtime/JSProxy.cpp:
      (JSC::JSProxy::setTarget):
      * runtime/JSProxy.h:
      (JSC::JSProxy::create):
      (JSC::JSProxy::createStructure):
      (JSC::JSProxy::JSProxy):
      (JSC::JSProxy::finishCreation):
      (JSProxy):
      * runtime/JSScope.cpp:
      (JSC::executeResolveOperations):
      (JSC::JSScope::resolveContainingScopeInternal):
      (JSC::JSScope::resolveWithBase):
      (JSC::JSScope::resolveWithThis):
      (JSC::JSScope::resolvePut):
      * runtime/JSScope.h:
      (JSScope):
      (JSC::JSScope::JSScope):
      (JSC::JSScope::vm):
      (JSC::ExecState::vm):
      * runtime/JSSegmentedVariableObject.h:
      (JSC::JSSegmentedVariableObject::JSSegmentedVariableObject):
      (JSC::JSSegmentedVariableObject::finishCreation):
      * runtime/JSString.cpp:
      (JSC::JSRopeString::RopeBuilder::expand):
      (JSC::StringObject::create):
      * runtime/JSString.h:
      (JSC):
      (JSString):
      (JSC::JSString::JSString):
      (JSC::JSString::finishCreation):
      (JSC::JSString::create):
      (JSC::JSString::createHasOtherOwner):
      (JSC::JSString::createStructure):
      (JSRopeString):
      (JSC::JSRopeString::RopeBuilder::RopeBuilder):
      (JSC::JSRopeString::RopeBuilder::append):
      (RopeBuilder):
      (JSC::JSRopeString::JSRopeString):
      (JSC::JSRopeString::finishCreation):
      (JSC::JSRopeString::append):
      (JSC::JSRopeString::createNull):
      (JSC::JSRopeString::create):
      (JSC::jsEmptyString):
      (JSC::jsSingleCharacterString):
      (JSC::jsSingleCharacterSubstring):
      (JSC::jsNontrivialString):
      (JSC::jsString):
      (JSC::jsSubstring):
      (JSC::jsSubstring8):
      (JSC::jsOwnedString):
      (JSC::jsStringBuilder):
      (JSC::inlineJSValueNotStringtoString):
      * runtime/JSStringJoiner.cpp:
      (JSC::JSStringJoiner::build):
      * runtime/JSSymbolTableObject.h:
      (JSC::JSSymbolTableObject::JSSymbolTableObject):
      (JSC::JSSymbolTableObject::finishCreation):
      (JSC::symbolTablePut):
      (JSC::symbolTablePutWithAttributes):
      * runtime/JSVariableObject.h:
      (JSC::JSVariableObject::JSVariableObject):
      * runtime/JSWithScope.h:
      (JSC::JSWithScope::create):
      (JSC::JSWithScope::createStructure):
      (JSC::JSWithScope::JSWithScope):
      * runtime/JSWrapperObject.h:
      (JSWrapperObject):
      (JSC::JSWrapperObject::createStructure):
      (JSC::JSWrapperObject::JSWrapperObject):
      (JSC::JSWrapperObject::setInternalValue):
      * runtime/LiteralParser.cpp:
      (JSC::::tryJSONPParse):
      (JSC::::makeIdentifier):
      (JSC::::parse):
      * runtime/Lookup.cpp:
      (JSC::HashTable::createTable):
      (JSC::setUpStaticFunctionSlot):
      * runtime/Lookup.h:
      (JSC::HashTable::initializeIfNeeded):
      (JSC::HashTable::entry):
      (JSC::HashTable::begin):
      (JSC::HashTable::end):
      (HashTable):
      (JSC::lookupPut):
      * runtime/MathObject.cpp:
      (JSC::MathObject::MathObject):
      (JSC::MathObject::finishCreation):
      (JSC::mathProtoFuncSin):
      * runtime/MathObject.h:
      (JSC::MathObject::createStructure):
      * runtime/MemoryStatistics.cpp:
      * runtime/MemoryStatistics.h:
      * runtime/NameConstructor.cpp:
      (JSC::NameConstructor::finishCreation):
      (JSC::constructPrivateName):
      * runtime/NameConstructor.h:
      (JSC::NameConstructor::createStructure):
      * runtime/NameInstance.cpp:
      (JSC::NameInstance::NameInstance):
      * runtime/NameInstance.h:
      (JSC::NameInstance::createStructure):
      (JSC::NameInstance::create):
      (NameInstance):
      (JSC::NameInstance::finishCreation):
      * runtime/NamePrototype.cpp:
      (JSC::NamePrototype::NamePrototype):
      (JSC::NamePrototype::finishCreation):
      * runtime/NamePrototype.h:
      (JSC::NamePrototype::createStructure):
      * runtime/NativeErrorConstructor.h:
      (JSC::NativeErrorConstructor::createStructure):
      (JSC::NativeErrorConstructor::finishCreation):
      * runtime/NativeErrorPrototype.cpp:
      (JSC::NativeErrorPrototype::finishCreation):
      * runtime/NumberConstructor.cpp:
      (JSC::NumberConstructor::finishCreation):
      (JSC::constructWithNumberConstructor):
      * runtime/NumberConstructor.h:
      (JSC::NumberConstructor::createStructure):
      * runtime/NumberObject.cpp:
      (JSC::NumberObject::NumberObject):
      (JSC::NumberObject::finishCreation):
      (JSC::constructNumber):
      * runtime/NumberObject.h:
      (NumberObject):
      (JSC::NumberObject::create):
      (JSC::NumberObject::createStructure):
      * runtime/NumberPrototype.cpp:
      (JSC::NumberPrototype::NumberPrototype):
      (JSC::NumberPrototype::finishCreation):
      (JSC::integerValueToString):
      (JSC::numberProtoFuncToString):
      * runtime/NumberPrototype.h:
      (JSC::NumberPrototype::createStructure):
      * runtime/ObjectConstructor.cpp:
      (JSC::ObjectConstructor::finishCreation):
      (JSC::objectConstructorGetOwnPropertyDescriptor):
      (JSC::objectConstructorSeal):
      (JSC::objectConstructorFreeze):
      (JSC::objectConstructorPreventExtensions):
      (JSC::objectConstructorIsSealed):
      (JSC::objectConstructorIsFrozen):
      * runtime/ObjectConstructor.h:
      (JSC::ObjectConstructor::createStructure):
      (JSC::constructEmptyObject):
      * runtime/ObjectPrototype.cpp:
      (JSC::ObjectPrototype::ObjectPrototype):
      (JSC::ObjectPrototype::finishCreation):
      (JSC::objectProtoFuncToString):
      * runtime/ObjectPrototype.h:
      (JSC::ObjectPrototype::createStructure):
      * runtime/Operations.cpp:
      (JSC::jsTypeStringForValue):
      * runtime/Operations.h:
      (JSC):
      (JSC::jsString):
      (JSC::jsStringFromArguments):
      (JSC::normalizePrototypeChainForChainAccess):
      (JSC::normalizePrototypeChain):
      * runtime/PropertyMapHashTable.h:
      (JSC::PropertyMapEntry::PropertyMapEntry):
      (JSC::PropertyTable::createStructure):
      (PropertyTable):
      (JSC::PropertyTable::copy):
      * runtime/PropertyNameArray.h:
      (JSC::PropertyNameArray::PropertyNameArray):
      (JSC::PropertyNameArray::vm):
      (JSC::PropertyNameArray::addKnownUnique):
      (PropertyNameArray):
      * runtime/PropertyTable.cpp:
      (JSC::PropertyTable::create):
      (JSC::PropertyTable::clone):
      (JSC::PropertyTable::PropertyTable):
      * runtime/PrototypeMap.cpp:
      (JSC::PrototypeMap::emptyObjectStructureForPrototype):
      * runtime/RegExp.cpp:
      (JSC::RegExp::RegExp):
      (JSC::RegExp::finishCreation):
      (JSC::RegExp::createWithoutCaching):
      (JSC::RegExp::create):
      (JSC::RegExp::compile):
      (JSC::RegExp::compileIfNecessary):
      (JSC::RegExp::match):
      (JSC::RegExp::compileMatchOnly):
      (JSC::RegExp::compileIfNecessaryMatchOnly):
      * runtime/RegExp.h:
      (JSC):
      (RegExp):
      (JSC::RegExp::createStructure):
      * runtime/RegExpCache.cpp:
      (JSC::RegExpCache::lookupOrCreate):
      (JSC::RegExpCache::RegExpCache):
      (JSC::RegExpCache::addToStrongCache):
      * runtime/RegExpCache.h:
      (RegExpCache):
      * runtime/RegExpCachedResult.cpp:
      (JSC::RegExpCachedResult::lastResult):
      (JSC::RegExpCachedResult::setInput):
      * runtime/RegExpCachedResult.h:
      (JSC::RegExpCachedResult::RegExpCachedResult):
      (JSC::RegExpCachedResult::record):
      * runtime/RegExpConstructor.cpp:
      (JSC::RegExpConstructor::RegExpConstructor):
      (JSC::RegExpConstructor::finishCreation):
      (JSC::constructRegExp):
      * runtime/RegExpConstructor.h:
      (JSC::RegExpConstructor::createStructure):
      (RegExpConstructor):
      (JSC::RegExpConstructor::performMatch):
      * runtime/RegExpMatchesArray.cpp:
      (JSC::RegExpMatchesArray::RegExpMatchesArray):
      (JSC::RegExpMatchesArray::create):
      (JSC::RegExpMatchesArray::finishCreation):
      (JSC::RegExpMatchesArray::reifyAllProperties):
      * runtime/RegExpMatchesArray.h:
      (RegExpMatchesArray):
      (JSC::RegExpMatchesArray::createStructure):
      * runtime/RegExpObject.cpp:
      (JSC::RegExpObject::RegExpObject):
      (JSC::RegExpObject::finishCreation):
      (JSC::RegExpObject::match):
      * runtime/RegExpObject.h:
      (JSC::RegExpObject::create):
      (JSC::RegExpObject::setRegExp):
      (JSC::RegExpObject::setLastIndex):
      (JSC::RegExpObject::createStructure):
      * runtime/RegExpPrototype.cpp:
      (JSC::regExpProtoFuncCompile):
      * runtime/RegExpPrototype.h:
      (JSC::RegExpPrototype::createStructure):
      * runtime/SmallStrings.cpp:
      (JSC::SmallStrings::initializeCommonStrings):
      (JSC::SmallStrings::createEmptyString):
      (JSC::SmallStrings::createSingleCharacterString):
      (JSC::SmallStrings::initialize):
      * runtime/SmallStrings.h:
      (JSC):
      (JSC::SmallStrings::singleCharacterString):
      (SmallStrings):
      * runtime/SparseArrayValueMap.cpp:
      (JSC::SparseArrayValueMap::SparseArrayValueMap):
      (JSC::SparseArrayValueMap::finishCreation):
      (JSC::SparseArrayValueMap::create):
      (JSC::SparseArrayValueMap::createStructure):
      (JSC::SparseArrayValueMap::putDirect):
      (JSC::SparseArrayEntry::put):
      * runtime/SparseArrayValueMap.h:
      * runtime/StrictEvalActivation.cpp:
      (JSC::StrictEvalActivation::StrictEvalActivation):
      * runtime/StrictEvalActivation.h:
      (JSC::StrictEvalActivation::create):
      (JSC::StrictEvalActivation::createStructure):
      * runtime/StringConstructor.cpp:
      (JSC::StringConstructor::finishCreation):
      * runtime/StringConstructor.h:
      (JSC::StringConstructor::createStructure):
      * runtime/StringObject.cpp:
      (JSC::StringObject::StringObject):
      (JSC::StringObject::finishCreation):
      (JSC::constructString):
      * runtime/StringObject.h:
      (JSC::StringObject::create):
      (JSC::StringObject::createStructure):
      (StringObject):
      * runtime/StringPrototype.cpp:
      (JSC::StringPrototype::StringPrototype):
      (JSC::StringPrototype::finishCreation):
      (JSC::removeUsingRegExpSearch):
      (JSC::replaceUsingRegExpSearch):
      (JSC::stringProtoFuncMatch):
      (JSC::stringProtoFuncSearch):
      (JSC::stringProtoFuncSplit):
      * runtime/StringPrototype.h:
      (JSC::StringPrototype::createStructure):
      * runtime/StringRecursionChecker.h:
      (JSC::StringRecursionChecker::performCheck):
      (JSC::StringRecursionChecker::~StringRecursionChecker):
      * runtime/Structure.cpp:
      (JSC::StructureTransitionTable::add):
      (JSC::Structure::Structure):
      (JSC::Structure::materializePropertyMap):
      (JSC::Structure::despecifyDictionaryFunction):
      (JSC::Structure::addPropertyTransition):
      (JSC::Structure::removePropertyTransition):
      (JSC::Structure::changePrototypeTransition):
      (JSC::Structure::despecifyFunctionTransition):
      (JSC::Structure::attributeChangeTransition):
      (JSC::Structure::toDictionaryTransition):
      (JSC::Structure::toCacheableDictionaryTransition):
      (JSC::Structure::toUncacheableDictionaryTransition):
      (JSC::Structure::sealTransition):
      (JSC::Structure::freezeTransition):
      (JSC::Structure::preventExtensionsTransition):
      (JSC::Structure::takePropertyTableOrCloneIfPinned):
      (JSC::Structure::nonPropertyTransition):
      (JSC::Structure::isSealed):
      (JSC::Structure::isFrozen):
      (JSC::Structure::flattenDictionaryStructure):
      (JSC::Structure::addPropertyWithoutTransition):
      (JSC::Structure::removePropertyWithoutTransition):
      (JSC::Structure::allocateRareData):
      (JSC::Structure::cloneRareDataFrom):
      (JSC::Structure::copyPropertyTable):
      (JSC::Structure::copyPropertyTableForPinning):
      (JSC::Structure::get):
      (JSC::Structure::despecifyFunction):
      (JSC::Structure::despecifyAllFunctions):
      (JSC::Structure::putSpecificValue):
      (JSC::Structure::createPropertyMap):
      (JSC::Structure::getPropertyNamesFromStructure):
      (JSC::Structure::prototypeChainMayInterceptStoreTo):
      * runtime/Structure.h:
      (Structure):
      (JSC::Structure::finishCreation):
      (JSC::Structure::setPrototypeWithoutTransition):
      (JSC::Structure::setGlobalObject):
      (JSC::Structure::setObjectToStringValue):
      (JSC::Structure::materializePropertyMapIfNecessary):
      (JSC::Structure::materializePropertyMapIfNecessaryForPinning):
      (JSC::Structure::setPreviousID):
      * runtime/StructureChain.cpp:
      (JSC::StructureChain::StructureChain):
      * runtime/StructureChain.h:
      (JSC::StructureChain::create):
      (JSC::StructureChain::createStructure):
      (JSC::StructureChain::finishCreation):
      (StructureChain):
      * runtime/StructureInlines.h:
      (JSC::Structure::create):
      (JSC::Structure::createStructure):
      (JSC::Structure::get):
      (JSC::Structure::setEnumerationCache):
      (JSC::Structure::prototypeChain):
      (JSC::Structure::propertyTable):
      * runtime/StructureRareData.cpp:
      (JSC::StructureRareData::createStructure):
      (JSC::StructureRareData::create):
      (JSC::StructureRareData::clone):
      (JSC::StructureRareData::StructureRareData):
      * runtime/StructureRareData.h:
      (StructureRareData):
      * runtime/StructureRareDataInlines.h:
      (JSC::StructureRareData::setPreviousID):
      (JSC::StructureRareData::setObjectToStringValue):
      * runtime/StructureTransitionTable.h:
      (StructureTransitionTable):
      (JSC::StructureTransitionTable::setSingleTransition):
      * runtime/SymbolTable.h:
      (JSC::SharedSymbolTable::create):
      (JSC::SharedSymbolTable::createStructure):
      (JSC::SharedSymbolTable::SharedSymbolTable):
      * runtime/VM.cpp: Copied from Source/JavaScriptCore/runtime/JSGlobalData.cpp.
      (JSC::VM::VM):
      (JSC::VM::~VM):
      (JSC::VM::createContextGroup):
      (JSC::VM::create):
      (JSC::VM::createLeaked):
      (JSC::VM::sharedInstanceExists):
      (JSC::VM::sharedInstance):
      (JSC::VM::sharedInstanceInternal):
      (JSC::VM::getHostFunction):
      (JSC::VM::ClientData::~ClientData):
      (JSC::VM::resetDateCache):
      (JSC::VM::startSampling):
      (JSC::VM::stopSampling):
      (JSC::VM::discardAllCode):
      (JSC::VM::dumpSampleData):
      (JSC::VM::addSourceProviderCache):
      (JSC::VM::clearSourceProviderCaches):
      (JSC::VM::releaseExecutableMemory):
      (JSC::releaseExecutableMemory):
      (JSC::VM::gatherConservativeRoots):
      (JSC::VM::addRegExpToTrace):
      (JSC::VM::dumpRegExpTrace):
      * runtime/VM.h: Copied from Source/JavaScriptCore/runtime/JSGlobalData.h.
      (VM):
      (JSC::VM::isSharedInstance):
      (JSC::VM::usingAPI):
      (JSC::VM::isInitializingObject):
      (JSC::VM::setInitializingObjectClass):
      (JSC::WeakSet::heap):
      * runtime/WriteBarrier.h:
      (JSC):
      (JSC::WriteBarrierBase::set):
      (JSC::WriteBarrierBase::setMayBeNull):
      (JSC::WriteBarrierBase::setEarlyValue):
      (JSC::WriteBarrier::WriteBarrier):
      * testRegExp.cpp:
      (GlobalObject):
      (GlobalObject::create):
      (GlobalObject::createStructure):
      (GlobalObject::finishCreation):
      (main):
      (testOneRegExp):
      (parseRegExpLine):
      (runFromFiles):
      (realMain):
      * yarr/YarrInterpreter.h:
      (BytecodePattern):
      * yarr/YarrJIT.cpp:
      (YarrGenerator):
      (JSC::Yarr::YarrGenerator::compile):
      (JSC::Yarr::jitCompile):
      * yarr/YarrJIT.h:
      (JSC):
      
      ../WebCore: 
      
      * ForwardingHeaders/runtime/JSGlobalData.h: Removed.
      * ForwardingHeaders/runtime/VM.h: Copied from Source/WebCore/ForwardingHeaders/runtime/JSGlobalData.h.
      * WebCore.exp.in:
      * WebCore.order:
      * WebCore.vcxproj/WebCore.vcxproj:
      * WebCore.vcxproj/WebCore.vcxproj.filters:
      * bindings/js/DOMObjectHashTableMap.cpp:
      (WebCore::DOMObjectHashTableMap::mapFor):
      * bindings/js/DOMObjectHashTableMap.h:
      (JSC):
      (DOMObjectHashTableMap):
      * bindings/js/DOMWrapperWorld.cpp:
      (WebCore::DOMWrapperWorld::DOMWrapperWorld):
      (WebCore::DOMWrapperWorld::~DOMWrapperWorld):
      (WebCore::normalWorld):
      (WebCore::mainThreadNormalWorld):
      * bindings/js/DOMWrapperWorld.h:
      (WebCore::DOMWrapperWorld::create):
      (WebCore::DOMWrapperWorld::vm):
      (DOMWrapperWorld):
      (WebCore):
      * bindings/js/GCController.cpp:
      (WebCore::collect):
      (WebCore::GCController::garbageCollectSoon):
      (WebCore::GCController::garbageCollectNow):
      (WebCore::GCController::setJavaScriptGarbageCollectorTimerEnabled):
      (WebCore::GCController::discardAllCompiledCode):
      * bindings/js/IDBBindingUtilities.cpp:
      (WebCore::get):
      (WebCore::set):
      (WebCore::deserializeIDBValue):
      (WebCore::deserializeIDBValueBuffer):
      (WebCore::idbKeyToScriptValue):
      * bindings/js/JSCallbackData.h:
      (WebCore::JSCallbackData::JSCallbackData):
      * bindings/js/JSCustomSQLStatementErrorCallback.cpp:
      (WebCore::JSSQLStatementErrorCallback::handleEvent):
      * bindings/js/JSCustomXPathNSResolver.cpp:
      (WebCore::JSCustomXPathNSResolver::JSCustomXPathNSResolver):
      (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):
      * bindings/js/JSDOMBinding.cpp:
      (WebCore::getHashTableForGlobalData):
      (WebCore::reportException):
      (WebCore::cacheDOMStructure):
      * bindings/js/JSDOMBinding.h:
      (WebCore::DOMConstructorObject::createStructure):
      (WebCore::DOMConstructorWithDocument::finishCreation):
      (WebCore::getDOMStructure):
      (WebCore::setInlineCachedWrapper):
      (WebCore):
      (WebCore::jsStringWithCache):
      * bindings/js/JSDOMGlobalObject.cpp:
      (WebCore::JSDOMGlobalObject::JSDOMGlobalObject):
      (WebCore::JSDOMGlobalObject::finishCreation):
      * bindings/js/JSDOMGlobalObject.h:
      (JSDOMGlobalObject):
      (WebCore::JSDOMGlobalObject::createStructure):
      (WebCore::getDOMConstructor):
      * bindings/js/JSDOMWindowBase.cpp:
      (WebCore::JSDOMWindowBase::JSDOMWindowBase):
      (WebCore::JSDOMWindowBase::finishCreation):
      (WebCore::JSDOMWindowBase::updateDocument):
      (WebCore::JSDOMWindowBase::commonVM):
      * bindings/js/JSDOMWindowBase.h:
      (JSDOMWindowBase):
      (WebCore::JSDOMWindowBase::createStructure):
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::setLocation):
      (WebCore::DialogHandler::dialogCreated):
      (WebCore::DialogHandler::returnValue):
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore::JSDOMWindowShell::JSDOMWindowShell):
      (WebCore::JSDOMWindowShell::finishCreation):
      (WebCore::JSDOMWindowShell::setWindow):
      * bindings/js/JSDOMWindowShell.h:
      (JSDOMWindowShell):
      (WebCore::JSDOMWindowShell::create):
      (WebCore::JSDOMWindowShell::createStructure):
      * bindings/js/JSDOMWrapper.h:
      (WebCore::JSDOMWrapper::JSDOMWrapper):
      * bindings/js/JSDeviceMotionEventCustom.cpp:
      (WebCore::createAccelerationObject):
      (WebCore::createRotationRateObject):
      * bindings/js/JSDictionary.cpp:
      (WebCore::JSDictionary::convertValue):
      * bindings/js/JSDictionary.h:
      (WebCore::JSDictionary::JSDictionary):
      * bindings/js/JSErrorHandler.cpp:
      (WebCore::JSErrorHandler::handleEvent):
      * bindings/js/JSEventListener.cpp:
      (WebCore::JSEventListener::handleEvent):
      * bindings/js/JSEventListener.h:
      (WebCore::JSEventListener::setWrapper):
      (WebCore::JSEventListener::jsFunction):
      * bindings/js/JSHTMLDocumentCustom.cpp:
      (WebCore::JSHTMLDocument::all):
      (WebCore::JSHTMLDocument::setAll):
      * bindings/js/JSHTMLTemplateElementCustom.cpp:
      (WebCore::JSHTMLTemplateElement::content):
      * bindings/js/JSHistoryCustom.cpp:
      (WebCore::JSHistory::state):
      * bindings/js/JSImageConstructor.cpp:
      (WebCore::JSImageConstructor::finishCreation):
      * bindings/js/JSImageConstructor.h:
      (WebCore::JSImageConstructor::createStructure):
      * bindings/js/JSImageDataCustom.cpp:
      (WebCore::toJS):
      * bindings/js/JSInjectedScriptHostCustom.cpp:
      (WebCore::InjectedScriptHost::nodeAsScriptValue):
      (WebCore::JSInjectedScriptHost::functionDetails):
      (WebCore::getJSListenerFunctions):
      (WebCore::JSInjectedScriptHost::getEventListeners):
      (WebCore::JSInjectedScriptHost::inspect):
      * bindings/js/JSLazyEventListener.cpp:
      (WebCore::JSLazyEventListener::initializeJSFunction):
      * bindings/js/JSMessageEventCustom.cpp:
      (WebCore::JSMessageEvent::data):
      (WebCore::handleInitMessageEvent):
      * bindings/js/JSMutationCallback.cpp:
      (WebCore::JSMutationCallback::call):
      * bindings/js/JSMutationObserverCustom.cpp:
      (WebCore::JSMutationObserverConstructor::constructJSMutationObserver):
      * bindings/js/JSNodeFilterCondition.cpp:
      (WebCore::JSNodeFilterCondition::JSNodeFilterCondition):
      * bindings/js/JSNodeFilterCondition.h:
      (WebCore::JSNodeFilterCondition::create):
      (JSNodeFilterCondition):
      * bindings/js/JSNodeFilterCustom.cpp:
      (WebCore::toNodeFilter):
      * bindings/js/JSPopStateEventCustom.cpp:
      (WebCore::cacheState):
      * bindings/js/JSRequestAnimationFrameCallbackCustom.cpp:
      (WebCore::JSRequestAnimationFrameCallback::handleEvent):
      * bindings/js/JSSQLResultSetRowListCustom.cpp:
      (WebCore::JSSQLResultSetRowList::item):
      * bindings/js/JSWorkerContextBase.cpp:
      (WebCore::JSWorkerContextBase::JSWorkerContextBase):
      (WebCore::JSWorkerContextBase::finishCreation):
      * bindings/js/JSWorkerContextBase.h:
      (WebCore::JSWorkerContextBase::createStructure):
      (JSWorkerContextBase):
      * bindings/js/PageScriptDebugServer.cpp:
      (WebCore::PageScriptDebugServer::recompileAllJSFunctions):
      * bindings/js/ScheduledAction.cpp:
      (WebCore::ScheduledAction::ScheduledAction):
      (WebCore::ScheduledAction::executeFunctionInContext):
      * bindings/js/ScheduledAction.h:
      (WebCore::ScheduledAction::ScheduledAction):
      * bindings/js/ScriptCachedFrameData.cpp:
      (WebCore::ScriptCachedFrameData::ScriptCachedFrameData):
      (WebCore::ScriptCachedFrameData::restore):
      (WebCore::ScriptCachedFrameData::clear):
      * bindings/js/ScriptCallStackFactory.cpp:
      (WebCore::createScriptCallStack):
      (WebCore::createScriptArguments):
      * bindings/js/ScriptController.cpp:
      (WebCore::ScriptController::createWindowShell):
      (WebCore::ScriptController::evaluateInWorld):
      (WebCore::ScriptController::createWorld):
      (WebCore::ScriptController::getAllWorlds):
      (WebCore::ScriptController::clearWindowShell):
      (WebCore::ScriptController::initScript):
      (WebCore::ScriptController::updateDocument):
      (WebCore::ScriptController::cacheableBindingRootObject):
      (WebCore::ScriptController::bindingRootObject):
      (WebCore::ScriptController::clearScriptObjects):
      (WebCore::ScriptController::shouldBypassMainWorldContentSecurityPolicy):
      * bindings/js/ScriptControllerMac.mm:
      (WebCore::ScriptController::windowScriptObject):
      * bindings/js/ScriptDebugServer.cpp:
      (WebCore::ScriptDebugServer::dispatchDidPause):
      * bindings/js/ScriptEventListener.cpp:
      (WebCore::eventListenerHandlerBody):
      (WebCore::eventListenerHandler):
      (WebCore::eventListenerHandlerLocation):
      * bindings/js/ScriptFunctionCall.cpp:
      (WebCore::ScriptFunctionCall::call):
      (WebCore::ScriptCallback::call):
      * bindings/js/ScriptGCEvent.cpp:
      (WebCore::ScriptGCEvent::getHeapSize):
      * bindings/js/ScriptObject.cpp:
      (WebCore::ScriptObject::ScriptObject):
      (WebCore::ScriptGlobalObject::set):
      * bindings/js/ScriptState.h:
      (WebCore):
      * bindings/js/ScriptValue.cpp:
      (WebCore::ScriptValue::deserialize):
      * bindings/js/ScriptValue.h:
      (WebCore::ScriptValue::ScriptValue):
      * bindings/js/ScriptWrappable.h:
      (JSC):
      (ScriptWrappable):
      * bindings/js/ScriptWrappableInlines.h:
      (WebCore::ScriptWrappable::setWrapper):
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneDeserializer::readTerminal):
      (WebCore::SerializedScriptValue::deserializeForInspector):
      (WebCore::SerializedScriptValue::maybeThrowExceptionIfSerializationFailed):
      * bindings/js/WebCoreJSClientData.h:
      (WebCoreJSClientData):
      (WebCore::initNormalWorldClientData):
      * bindings/js/WorkerScriptController.cpp:
      (WebCore::WorkerScriptController::WorkerScriptController):
      (WebCore::WorkerScriptController::~WorkerScriptController):
      (WebCore::WorkerScriptController::initScript):
      (WebCore::WorkerScriptController::evaluate):
      (WebCore::WorkerScriptController::scheduleExecutionTermination):
      (WebCore::WorkerScriptController::isExecutionTerminating):
      (WebCore::WorkerScriptController::disableEval):
      * bindings/js/WorkerScriptController.h:
      (JSC):
      (WebCore::WorkerScriptController::vm):
      (WorkerScriptController):
      * bindings/js/WorkerScriptDebugServer.cpp:
      (WebCore::WorkerScriptDebugServer::recompileAllJSFunctions):
      * bindings/objc/WebScriptObject.mm:
      (+[WebScriptObject _convertValueToObjcValue:JSC::originRootObject:rootObject:]):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
      (GenerateImplementation):
      (GenerateCallbackImplementation):
      (JSValueToNative):
      (GenerateConstructorDeclaration):
      (GenerateConstructorHelperMethods):
      * bindings/scripts/test/JS/JSFloat64Array.cpp:
      (WebCore::getJSFloat64ArrayConstructorTable):
      (WebCore::JSFloat64ArrayConstructor::finishCreation):
      (WebCore::getJSFloat64ArrayPrototypeTable):
      (WebCore::getJSFloat64ArrayTable):
      (WebCore::JSFloat64Array::finishCreation):
      (WebCore::JSFloat64Array::createPrototype):
      * bindings/scripts/test/JS/JSFloat64Array.h:
      (WebCore::JSFloat64Array::create):
      (WebCore::JSFloat64Array::createStructure):
      (JSFloat64Array):
      (WebCore::JSFloat64ArrayPrototype::create):
      (WebCore::JSFloat64ArrayPrototype::createStructure):
      (WebCore::JSFloat64ArrayPrototype::JSFloat64ArrayPrototype):
      (WebCore::JSFloat64ArrayConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
      (WebCore::JSTestActiveDOMObjectConstructor::finishCreation):
      (WebCore::JSTestActiveDOMObject::finishCreation):
      (WebCore::JSTestActiveDOMObject::createPrototype):
      * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
      (WebCore::JSTestActiveDOMObject::create):
      (WebCore::JSTestActiveDOMObject::createStructure):
      (JSTestActiveDOMObject):
      (WebCore::JSTestActiveDOMObjectPrototype::create):
      (WebCore::JSTestActiveDOMObjectPrototype::createStructure):
      (WebCore::JSTestActiveDOMObjectPrototype::JSTestActiveDOMObjectPrototype):
      (WebCore::JSTestActiveDOMObjectConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestCallback.cpp:
      (WebCore::JSTestCallback::callbackWithNoParam):
      (WebCore::JSTestCallback::callbackWithClass1Param):
      (WebCore::JSTestCallback::callbackWithClass2Param):
      (WebCore::JSTestCallback::callbackWithStringList):
      (WebCore::JSTestCallback::callbackWithBoolean):
      (WebCore::JSTestCallback::callbackRequiresThisToPass):
      * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
      (WebCore::JSTestCustomNamedGetterConstructor::finishCreation):
      (WebCore::JSTestCustomNamedGetter::finishCreation):
      (WebCore::JSTestCustomNamedGetter::createPrototype):
      * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
      (WebCore::JSTestCustomNamedGetter::create):
      (WebCore::JSTestCustomNamedGetter::createStructure):
      (JSTestCustomNamedGetter):
      (WebCore::JSTestCustomNamedGetterPrototype::create):
      (WebCore::JSTestCustomNamedGetterPrototype::createStructure):
      (WebCore::JSTestCustomNamedGetterPrototype::JSTestCustomNamedGetterPrototype):
      (WebCore::JSTestCustomNamedGetterConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
      (WebCore::JSTestEventConstructorConstructor::finishCreation):
      (WebCore::JSTestEventConstructor::finishCreation):
      (WebCore::JSTestEventConstructor::createPrototype):
      * bindings/scripts/test/JS/JSTestEventConstructor.h:
      (WebCore::JSTestEventConstructor::create):
      (WebCore::JSTestEventConstructor::createStructure):
      (JSTestEventConstructor):
      (WebCore::JSTestEventConstructorPrototype::create):
      (WebCore::JSTestEventConstructorPrototype::createStructure):
      (WebCore::JSTestEventConstructorPrototype::JSTestEventConstructorPrototype):
      (WebCore::JSTestEventConstructorConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestEventTarget.cpp:
      (WebCore::JSTestEventTargetConstructor::finishCreation):
      (WebCore::JSTestEventTarget::finishCreation):
      (WebCore::JSTestEventTarget::createPrototype):
      * bindings/scripts/test/JS/JSTestEventTarget.h:
      (WebCore::JSTestEventTarget::create):
      (WebCore::JSTestEventTarget::createStructure):
      (JSTestEventTarget):
      (WebCore::JSTestEventTargetPrototype::create):
      (WebCore::JSTestEventTargetPrototype::createStructure):
      (WebCore::JSTestEventTargetPrototype::JSTestEventTargetPrototype):
      (WebCore::JSTestEventTargetConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestException.cpp:
      (WebCore::JSTestExceptionConstructor::finishCreation):
      (WebCore::JSTestException::finishCreation):
      (WebCore::JSTestException::createPrototype):
      * bindings/scripts/test/JS/JSTestException.h:
      (WebCore::JSTestException::create):
      (WebCore::JSTestException::createStructure):
      (JSTestException):
      (WebCore::JSTestExceptionPrototype::create):
      (WebCore::JSTestExceptionPrototype::createStructure):
      (WebCore::JSTestExceptionPrototype::JSTestExceptionPrototype):
      (WebCore::JSTestExceptionConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestInterface.cpp:
      (WebCore::JSTestInterfaceConstructor::finishCreation):
      (WebCore::JSTestInterface::finishCreation):
      (WebCore::JSTestInterface::createPrototype):
      * bindings/scripts/test/JS/JSTestInterface.h:
      (WebCore::JSTestInterface::create):
      (WebCore::JSTestInterface::createStructure):
      (JSTestInterface):
      (WebCore::JSTestInterfacePrototype::create):
      (WebCore::JSTestInterfacePrototype::createStructure):
      (WebCore::JSTestInterfacePrototype::JSTestInterfacePrototype):
      (WebCore::JSTestInterfaceConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
      (WebCore::JSTestMediaQueryListListenerConstructor::finishCreation):
      (WebCore::JSTestMediaQueryListListener::finishCreation):
      (WebCore::JSTestMediaQueryListListener::createPrototype):
      (WebCore::jsTestMediaQueryListListenerPrototypeFunctionMethod):
      * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
      (WebCore::JSTestMediaQueryListListener::create):
      (WebCore::JSTestMediaQueryListListener::createStructure):
      (JSTestMediaQueryListListener):
      (WebCore::JSTestMediaQueryListListenerPrototype::create):
      (WebCore::JSTestMediaQueryListListenerPrototype::createStructure):
      (WebCore::JSTestMediaQueryListListenerPrototype::JSTestMediaQueryListListenerPrototype):
      (WebCore::JSTestMediaQueryListListenerConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
      (WebCore::JSTestNamedConstructorConstructor::finishCreation):
      (WebCore::JSTestNamedConstructorNamedConstructor::finishCreation):
      (WebCore::JSTestNamedConstructor::finishCreation):
      (WebCore::JSTestNamedConstructor::createPrototype):
      * bindings/scripts/test/JS/JSTestNamedConstructor.h:
      (WebCore::JSTestNamedConstructor::create):
      (WebCore::JSTestNamedConstructor::createStructure):
      (JSTestNamedConstructor):
      (WebCore::JSTestNamedConstructorPrototype::create):
      (WebCore::JSTestNamedConstructorPrototype::createStructure):
      (WebCore::JSTestNamedConstructorPrototype::JSTestNamedConstructorPrototype):
      (WebCore::JSTestNamedConstructorConstructor::createStructure):
      (WebCore::JSTestNamedConstructorNamedConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestNode.cpp:
      (WebCore::JSTestNodeConstructor::finishCreation):
      (WebCore::JSTestNode::finishCreation):
      (WebCore::JSTestNode::createPrototype):
      * bindings/scripts/test/JS/JSTestNode.h:
      (WebCore::JSTestNode::create):
      (WebCore::JSTestNode::createStructure):
      (JSTestNode):
      (WebCore::JSTestNodePrototype::create):
      (WebCore::JSTestNodePrototype::createStructure):
      (WebCore::JSTestNodePrototype::JSTestNodePrototype):
      (WebCore::JSTestNodeConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestObj.cpp:
      (WebCore::JSTestObjConstructor::finishCreation):
      (WebCore::JSTestObj::finishCreation):
      (WebCore::JSTestObj::createPrototype):
      (WebCore::jsTestObjCachedAttribute1):
      (WebCore::jsTestObjCachedAttribute2):
      (WebCore::setJSTestObjConditionalAttr4Constructor):
      (WebCore::setJSTestObjConditionalAttr5Constructor):
      (WebCore::setJSTestObjConditionalAttr6Constructor):
      (WebCore::setJSTestObjAnyAttribute):
      (WebCore::setJSTestObjReplaceableAttribute):
      * bindings/scripts/test/JS/JSTestObj.h:
      (WebCore::JSTestObj::create):
      (WebCore::JSTestObj::createStructure):
      (JSTestObj):
      (WebCore::JSTestObjPrototype::create):
      (WebCore::JSTestObjPrototype::createStructure):
      (WebCore::JSTestObjPrototype::JSTestObjPrototype):
      (WebCore::JSTestObjConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
      (WebCore::JSTestOverloadedConstructorsConstructor::finishCreation):
      (WebCore::JSTestOverloadedConstructors::finishCreation):
      (WebCore::JSTestOverloadedConstructors::createPrototype):
      * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
      (WebCore::JSTestOverloadedConstructors::create):
      (WebCore::JSTestOverloadedConstructors::createStructure):
      (JSTestOverloadedConstructors):
      (WebCore::JSTestOverloadedConstructorsPrototype::create):
      (WebCore::JSTestOverloadedConstructorsPrototype::createStructure):
      (WebCore::JSTestOverloadedConstructorsPrototype::JSTestOverloadedConstructorsPrototype):
      (WebCore::JSTestOverloadedConstructorsConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
      (WebCore::JSTestSerializedScriptValueInterfaceConstructor::finishCreation):
      (WebCore::JSTestSerializedScriptValueInterface::finishCreation):
      (WebCore::JSTestSerializedScriptValueInterface::createPrototype):
      (WebCore::jsTestSerializedScriptValueInterfaceCachedValue):
      (WebCore::jsTestSerializedScriptValueInterfaceCachedReadonlyValue):
      * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
      (WebCore::JSTestSerializedScriptValueInterface::create):
      (WebCore::JSTestSerializedScriptValueInterface::createStructure):
      (JSTestSerializedScriptValueInterface):
      (WebCore::JSTestSerializedScriptValueInterfacePrototype::create):
      (WebCore::JSTestSerializedScriptValueInterfacePrototype::createStructure):
      (WebCore::JSTestSerializedScriptValueInterfacePrototype::JSTestSerializedScriptValueInterfacePrototype):
      (WebCore::JSTestSerializedScriptValueInterfaceConstructor::createStructure):
      * bindings/scripts/test/JS/JSTestTypedefs.cpp:
      (WebCore::JSTestTypedefsConstructor::finishCreation):
      (WebCore::JSTestTypedefs::finishCreation):
      (WebCore::JSTestTypedefs::createPrototype):
      * bindings/scripts/test/JS/JSTestTypedefs.h:
      (WebCore::JSTestTypedefs::create):
      (WebCore::JSTestTypedefs::createStructure):
      (JSTestTypedefs):
      (WebCore::JSTestTypedefsPrototype::create):
      (WebCore::JSTestTypedefsPrototype::createStructure):
      (WebCore::JSTestTypedefsPrototype::JSTestTypedefsPrototype):
      (WebCore::JSTestTypedefsConstructor::createStructure):
      * bridge/c/CRuntimeObject.h:
      (JSC::Bindings::CRuntimeObject::createStructure):
      * bridge/c/c_instance.cpp:
      (JSC::Bindings::CRuntimeMethod::create):
      (JSC::Bindings::CRuntimeMethod::createStructure):
      (JSC::Bindings::CRuntimeMethod::finishCreation):
      * bridge/jsc/BridgeJSC.cpp:
      (JSC::Bindings::Instance::createRuntimeObject):
      * bridge/objc/ObjCRuntimeObject.h:
      (JSC::Bindings::ObjCRuntimeObject::createStructure):
      * bridge/objc/objc_instance.mm:
      (ObjCRuntimeMethod::create):
      (ObjCRuntimeMethod::createStructure):
      (ObjCRuntimeMethod::finishCreation):
      * bridge/objc/objc_runtime.h:
      (JSC::Bindings::ObjcFallbackObjectImp::createStructure):
      * bridge/objc/objc_runtime.mm:
      (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp):
      (JSC::Bindings::ObjcFallbackObjectImp::finishCreation):
      * bridge/qt/qt_instance.cpp:
      (JSC::Bindings::QtRuntimeObject::createStructure):
      (JSC::Bindings::QtInstance::~QtInstance):
      (JSC::Bindings::QtInstance::getQtInstance):
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::RuntimeArray):
      (JSC::RuntimeArray::finishCreation):
      * bridge/runtime_array.h:
      (JSC::RuntimeArray::create):
      (JSC::RuntimeArray::createStructure):
      (RuntimeArray):
      * bridge/runtime_method.cpp:
      (JSC::RuntimeMethod::finishCreation):
      * bridge/runtime_method.h:
      (JSC::RuntimeMethod::create):
      (JSC::RuntimeMethod::createStructure):
      (RuntimeMethod):
      * bridge/runtime_object.cpp:
      (JSC::Bindings::RuntimeObject::RuntimeObject):
      (JSC::Bindings::RuntimeObject::finishCreation):
      * bridge/runtime_object.h:
      (JSC::Bindings::RuntimeObject::createStructure):
      * bridge/runtime_root.cpp:
      (JSC::Bindings::RootObject::RootObject):
      (JSC::Bindings::RootObject::gcProtect):
      (JSC::Bindings::RootObject::gcUnprotect):
      (JSC::Bindings::RootObject::updateGlobalObject):
      (JSC::Bindings::RootObject::addRuntimeObject):
      * bridge/runtime_root.h:
      (RootObject):
      * dom/Node.cpp:
      * dom/Node.h:
      (JSC):
      * dom/ScriptExecutionContext.cpp:
      (WebCore::ScriptExecutionContext::vm):
      * dom/ScriptExecutionContext.h:
      (JSC):
      (ScriptExecutionContext):
      * html/HTMLCanvasElement.cpp:
      (WebCore::HTMLCanvasElement::createImageBuffer):
      * html/HTMLImageLoader.cpp:
      (WebCore::HTMLImageLoader::notifyFinished):
      * inspector/ScriptArguments.cpp:
      (WebCore::ScriptArguments::ScriptArguments):
      * loader/icon/IconDatabaseBase.cpp:
      (WebCore):
      (WebCore::iconDatabase):
      (WebCore::setGlobalIconDatabase):
      * platform/qt/MemoryUsageSupportQt.cpp:
      (WebCore::memoryUsageKB):
      (WebCore::actualMemoryUsageKB):
      * platform/win/ClipboardUtilitiesWin.cpp:
      (WebCore::createGlobalData):
      * plugins/PluginView.cpp:
      (WebCore::PluginView::start):
      (WebCore::PluginView::stop):
      (WebCore::PluginView::performRequest):
      (WebCore::PluginView::npObject):
      (WebCore::PluginView::privateBrowsingStateChanged):
      * plugins/blackberry/PluginViewBlackBerry.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::setNPWindowIfNeeded):
      (WebCore::PluginView::platformStart):
      (WebCore::PluginView::getWindowInfo):
      * plugins/efl/PluginViewEfl.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      * plugins/gtk/PluginViewGtk.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::handleKeyboardEvent):
      (WebCore::PluginView::handleMouseEvent):
      (WebCore::PluginView::setNPWindowIfNeeded):
      (WebCore::PluginView::platformStart):
      * plugins/mac/PluginViewMac.mm:
      (WebCore::PluginView::platformStart):
      * plugins/qt/PluginViewQt.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::setNPWindowIfNeeded):
      * plugins/win/PluginViewWin.cpp:
      (WebCore::PluginView::dispatchNPEvent):
      (WebCore::PluginView::handleKeyboardEvent):
      (WebCore::PluginView::handleMouseEvent):
      (WebCore::PluginView::setNPWindowRect):
      * testing/js/WebCoreTestSupport.cpp:
      (WebCoreTestSupport::injectInternalsObject):
      * xml/XMLHttpRequest.cpp:
      (WebCore::XMLHttpRequest::dropProtection):
      
      ../WebKit/blackberry: 
      
      * Api/BlackBerryGlobal.cpp:
      (BlackBerry::WebKit::clearMemoryCaches):
      * WebKitSupport/AboutData.cpp:
      * WebKitSupport/DumpRenderTreeSupport.cpp:
      (DumpRenderTreeSupport::javaScriptObjectsCount):
      
      ../WebKit/efl: 
      
      * WebCoreSupport/DumpRenderTreeSupportEfl.cpp:
      (DumpRenderTreeSupportEfl::javaScriptObjectsCount):
      
      ../WebKit/gtk: 
      
      * WebCoreSupport/DumpRenderTreeSupportGtk.cpp:
      (DumpRenderTreeSupportGtk::gcCountJavascriptObjects):
      
      ../WebKit/mac: 
      
      * Misc/WebCoreStatistics.mm:
      (+[WebCoreStatistics javaScriptObjectsCount]):
      (+[WebCoreStatistics javaScriptGlobalObjectsCount]):
      (+[WebCoreStatistics javaScriptProtectedObjectsCount]):
      (+[WebCoreStatistics javaScriptProtectedGlobalObjectsCount]):
      (+[WebCoreStatistics javaScriptProtectedObjectTypeCounts]):
      (+[WebCoreStatistics javaScriptObjectTypeCounts]):
      (+[WebCoreStatistics shouldPrintExceptions]):
      (+[WebCoreStatistics setShouldPrintExceptions:]):
      (+[WebCoreStatistics memoryStatistics]):
      (+[WebCoreStatistics javaScriptReferencedObjectsCount]):
      * Plugins/Hosted/NetscapePluginHostProxy.mm:
      (identifierFromIdentifierRep):
      * Plugins/Hosted/NetscapePluginInstanceProxy.h:
      (LocalObjectMap):
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::LocalObjectMap::idForObject):
      (WebKit::NetscapePluginInstanceProxy::getWindowNPObject):
      (WebKit::NetscapePluginInstanceProxy::getPluginElementNPObject):
      (WebKit::NetscapePluginInstanceProxy::evaluate):
      (WebKit::NetscapePluginInstanceProxy::addValueToArray):
      * Plugins/Hosted/ProxyInstance.mm:
      (WebKit::ProxyRuntimeMethod::create):
      (WebKit::ProxyRuntimeMethod::createStructure):
      (WebKit::ProxyRuntimeMethod::finishCreation):
      (WebKit::ProxyInstance::getPropertyNames):
      * Plugins/Hosted/ProxyRuntimeObject.h:
      (WebKit::ProxyRuntimeObject::create):
      (WebKit::ProxyRuntimeObject::createStructure):
      * Plugins/WebNetscapePluginStream.mm:
      (WebNetscapePluginStream::wantsAllStreams):
      * Plugins/WebNetscapePluginView.mm:
      (-[WebNetscapePluginView sendEvent:isDrawRect:]):
      (-[WebNetscapePluginView privateBrowsingModeDidChange]):
      (-[WebNetscapePluginView setWindowIfNecessary]):
      (-[WebNetscapePluginView createPluginScriptableObject]):
      (-[WebNetscapePluginView getFormValue:]):
      (-[WebNetscapePluginView evaluateJavaScriptPluginRequest:]):
      (-[WebNetscapePluginView webFrame:didFinishLoadWithReason:]):
      (-[WebNetscapePluginView loadPluginRequest:]):
      (-[WebNetscapePluginView _printedPluginBitmap]):
      * Plugins/WebPluginController.mm:
      (+[WebPluginController plugInViewWithArguments:fromPluginPackage:]):
      (-[WebPluginController stopOnePlugin:]):
      (-[WebPluginController destroyOnePlugin:]):
      (-[WebPluginController startAllPlugins]):
      (-[WebPluginController addPlugin:]):
      * WebKit.order:
      * WebView/WebScriptDebugDelegate.mm:
      (-[WebScriptCallFrame scopeChain]):
      (-[WebScriptCallFrame evaluateWebScript:]):
      * WebView/WebScriptDebugger.mm:
      (WebScriptDebugger::WebScriptDebugger):
      
      ../WebKit/qt: 
      
      * WebCoreSupport/DumpRenderTreeSupportQt.cpp:
      (DumpRenderTreeSupportQt::javaScriptObjectsCount):
      * WebCoreSupport/QWebFrameAdapter.cpp:
      (QWebFrameAdapter::addToJavaScriptWindowObject):
      
      ../WebKit/win: 
      
      * WebCoreStatistics.cpp:
      (WebCoreStatistics::javaScriptObjectsCount):
      (WebCoreStatistics::javaScriptGlobalObjectsCount):
      (WebCoreStatistics::javaScriptProtectedObjectsCount):
      (WebCoreStatistics::javaScriptProtectedGlobalObjectsCount):
      (WebCoreStatistics::javaScriptProtectedObjectTypeCounts):
      * WebJavaScriptCollector.cpp:
      (WebJavaScriptCollector::objectCount):
      
      ../WebKit2: 
      
      * Shared/linux/WebMemorySamplerLinux.cpp:
      (WebKit::WebMemorySampler::sampleWebKit):
      * Shared/mac/WebMemorySampler.mac.mm:
      (WebKit::WebMemorySampler::sampleWebKit):
      * WebProcess/InjectedBundle/InjectedBundle.cpp:
      (WebKit::InjectedBundle::javaScriptObjectsCount):
      * WebProcess/Plugins/Netscape/JSNPMethod.cpp:
      (WebKit::JSNPMethod::finishCreation):
      * WebProcess/Plugins/Netscape/JSNPMethod.h:
      (WebKit::JSNPMethod::create):
      (JSNPMethod):
      (WebKit::JSNPMethod::createStructure):
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      (WebKit::JSNPObject::JSNPObject):
      (WebKit::JSNPObject::finishCreation):
      (WebKit::JSNPObject::callMethod):
      (WebKit::JSNPObject::callObject):
      (WebKit::JSNPObject::callConstructor):
      (WebKit::JSNPObject::put):
      (WebKit::JSNPObject::deleteProperty):
      (WebKit::JSNPObject::getOwnPropertyNames):
      (WebKit::JSNPObject::propertyGetter):
      * WebProcess/Plugins/Netscape/JSNPObject.h:
      (WebKit::JSNPObject::create):
      (WebKit::JSNPObject::createStructure):
      * WebProcess/Plugins/Netscape/NPJSObject.cpp:
      (WebKit::NPJSObject::create):
      (WebKit::NPJSObject::initialize):
      * WebProcess/Plugins/Netscape/NPJSObject.h:
      (JSC):
      (NPJSObject):
      * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:
      (WebKit::NPRuntimeObjectMap::getOrCreateNPObject):
      (WebKit::NPRuntimeObjectMap::convertJSValueToNPVariant):
      (WebKit::NPRuntimeObjectMap::evaluate):
      * WebProcess/Plugins/Netscape/NPRuntimeObjectMap.h:
      (JSC):
      (NPRuntimeObjectMap):
      * WebProcess/Plugins/PluginView.cpp:
      (WebKit::PluginView::windowScriptNPObject):
      (WebKit::PluginView::pluginElementNPObject):
      * WebProcess/WebPage/WebPage.cpp:
      (WebKit::WebPage::runJavaScriptInMainFrame):
      * WebProcess/WebProcess.cpp:
      (WebKit::WebProcess::getWebCoreStatistics):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@148696 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      9a9a4b52
  8. 29 Jan, 2013 1 commit
    • Force debug builds to do bounds checks on contiguous property storage · a0099624
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=108212
      
      Reviewed by Mark Hahnenberg.
      
      Add a ContiguousData type that we use to represent contiguous property
      storage.  In release builds it is simply a pointer to the correct type,
      but in debug builds it also carries the data length and performs bounds
      checks.  This means we don't have to add as many manual bounds assertions
      when performing operations over contiguous data.
      
      * dfg/DFGOperations.cpp:
      * runtime/ArrayStorage.h:
      (ArrayStorage):
      (JSC::ArrayStorage::vector):
      * runtime/Butterfly.h:
      (JSC::ContiguousData::ContiguousData):
      (ContiguousData):
      (JSC::ContiguousData::operator[]):
      (JSC::ContiguousData::data):
      (JSC::ContiguousData::length):
      (JSC):
      (JSC::Butterfly::contiguousInt32):
      (Butterfly):
      (JSC::Butterfly::contiguousDouble):
      (JSC::Butterfly::contiguous):
      * runtime/JSArray.cpp:
      (JSC::JSArray::sortNumericVector):
      (ContiguousTypeAccessor):
      (JSC::ContiguousTypeAccessor::getAsValue):
      (JSC::ContiguousTypeAccessor::setWithValue):
      (JSC::ContiguousTypeAccessor::replaceDataReference):
      (JSC):
      (JSC::JSArray::sortCompactedVector):
      (JSC::JSArray::sort):
      (JSC::JSArray::fillArgList):
      (JSC::JSArray::copyToArguments):
      * runtime/JSArray.h:
      (JSArray):
      * runtime/JSObject.cpp:
      (JSC::JSObject::copyButterfly):
      (JSC::JSObject::visitButterfly):
      (JSC::JSObject::createInitialInt32):
      (JSC::JSObject::createInitialDouble):
      (JSC::JSObject::createInitialContiguous):
      (JSC::JSObject::convertUndecidedToInt32):
      (JSC::JSObject::convertUndecidedToDouble):
      (JSC::JSObject::convertUndecidedToContiguous):
      (JSC::JSObject::convertInt32ToDouble):
      (JSC::JSObject::convertInt32ToContiguous):
      (JSC::JSObject::genericConvertDoubleToContiguous):
      (JSC::JSObject::convertDoubleToContiguous):
      (JSC::JSObject::rageConvertDoubleToContiguous):
      (JSC::JSObject::ensureInt32Slow):
      (JSC::JSObject::ensureDoubleSlow):
      (JSC::JSObject::ensureContiguousSlow):
      (JSC::JSObject::rageEnsureContiguousSlow):
      (JSC::JSObject::ensureLengthSlow):
      * runtime/JSObject.h:
      (JSC::JSObject::ensureInt32):
      (JSC::JSObject::ensureDouble):
      (JSC::JSObject::ensureContiguous):
      (JSC::JSObject::rageEnsureContiguous):
      (JSObject):
      (JSC::JSObject::indexingData):
      (JSC::JSObject::currentIndexingData):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@141154 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  9. 23 Jan, 2013 1 commit
    • Replace numerous manual CRASH's in JSC with RELEASE_ASSERT · 51b41da2
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=107726
      
      Reviewed by Filip Pizlo.
      
      Fairly manual change from if (foo) CRASH(); to RELEASE_ASSERT(!foo);
      
      * assembler/MacroAssembler.h:
      (JSC::MacroAssembler::branchAdd32):
      (JSC::MacroAssembler::branchMul32):
      * bytecode/CodeBlockHash.cpp:
      (JSC::CodeBlockHash::CodeBlockHash):
      * heap/BlockAllocator.h:
      (JSC::Region::create):
      (JSC::Region::createCustomSize):
      * heap/GCAssertions.h:
      * heap/HandleSet.cpp:
      (JSC::HandleSet::visitStrongHandles):
      (JSC::HandleSet::writeBarrier):
      * heap/HandleSet.h:
      (JSC::HandleSet::allocate):
      * heap/Heap.cpp:
      (JSC::Heap::collect):
      * heap/SlotVisitor.cpp:
      (JSC::SlotVisitor::validate):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::execute):
      * jit/ExecutableAllocator.cpp:
      (JSC::DemandExecutableAllocator::allocateNewSpace):
      (JSC::ExecutableAllocator::allocate):
      * jit/ExecutableAllocator.h:
      (JSC::roundUpAllocationSize):
      * jit/ExecutableAllocatorFixedVMPool.cpp:
      (JSC::FixedVMPoolExecutableAllocator::FixedVMPoolExecutableAllocator):
      (JSC::ExecutableAllocator::allocate):
      * runtime/ButterflyInlines.h:
      (JSC::Butterfly::createUninitialized):
      * runtime/Completion.cpp:
      (JSC::evaluate):
      * runtime/JSArray.h:
      (JSC::constructArray):
      * runtime/JSGlobalObject.cpp:
      (JSC::slowValidateCell):
      * runtime/JSObject.cpp:
      (JSC::JSObject::enterDictionaryIndexingModeWhenArrayStorageAlreadyExists):
      (JSC::JSObject::createArrayStorage):
      * tools/TieredMMapArray.h:
      (JSC::TieredMMapArray::append):
      * yarr/YarrInterpreter.cpp:
      (JSC::Yarr::Interpreter::allocDisjunctionContext):
      (JSC::Yarr::Interpreter::allocParenthesesDisjunctionContext):
      (JSC::Yarr::Interpreter::InputStream::readChecked):
      (JSC::Yarr::Interpreter::InputStream::uncheckInput):
      (JSC::Yarr::Interpreter::InputStream::atEnd):
      (JSC::Yarr::Interpreter::interpret):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@140584 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  10. 08 Jan, 2013 1 commit
  11. 09 Nov, 2012 1 commit
    • Renamed ...InlineMethods.h files to ...Inlines.h. · a4fe7abf
      mark.lam@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=101145.
      
      Reviewed by Geoffrey Garen.
      
      This is only a refactoring effort to rename the files. There are no
      functionality changes.
      
      Source/JavaScriptCore: 
      
      * API/JSObjectRef.cpp:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * bytecode/CodeBlock.cpp:
      * dfg/DFGOperations.cpp:
      * heap/ConservativeRoots.cpp:
      * heap/CopiedBlock.h:
      * heap/CopiedSpace.cpp:
      * heap/CopiedSpaceInlineMethods.h: Removed.
      * heap/CopiedSpaceInlines.h: Copied from Source/JavaScriptCore/heap/CopiedSpaceInlineMethods.h.
      * heap/CopyVisitor.cpp:
      * heap/CopyVisitorInlineMethods.h: Removed.
      * heap/CopyVisitorInlines.h: Copied from Source/JavaScriptCore/heap/CopyVisitorInlineMethods.h.
      * heap/GCThread.cpp:
      * heap/GCThreadSharedData.cpp:
      * heap/HandleStack.cpp:
      * heap/Heap.cpp:
      * heap/HeapRootVisitor.h:
      * heap/MarkStack.cpp:
      * heap/MarkStackInlineMethods.h: Removed.
      * heap/MarkStackInlines.h: Copied from Source/JavaScriptCore/heap/MarkStackInlineMethods.h.
      * heap/SlotVisitor.cpp:
      * heap/SlotVisitor.h:
      * heap/SlotVisitorInlineMethods.h: Removed.
      * heap/SlotVisitorInlines.h: Copied from Source/JavaScriptCore/heap/SlotVisitorInlineMethods.h.
      * jit/HostCallReturnValue.cpp:
      * jit/JIT.cpp:
      * jit/JITArithmetic.cpp:
      * jit/JITArithmetic32_64.cpp:
      * jit/JITCall.cpp:
      * jit/JITCall32_64.cpp:
      * jit/JITInlineMethods.h: Removed.
      * jit/JITInlines.h: Copied from Source/JavaScriptCore/jit/JITInlineMethods.h.
      * jit/JITOpcodes.cpp:
      * jit/JITOpcodes32_64.cpp:
      * jit/JITPropertyAccess.cpp:
      * jit/JITPropertyAccess32_64.cpp:
      * jsc.cpp:
      * runtime/ArrayConstructor.cpp:
      * runtime/ArrayPrototype.cpp:
      * runtime/ButterflyInlineMethods.h: Removed.
      * runtime/ButterflyInlines.h: Copied from Source/JavaScriptCore/runtime/ButterflyInlineMethods.h.
      * runtime/IndexingHeaderInlineMethods.h: Removed.
      * runtime/IndexingHeaderInlines.h: Copied from Source/JavaScriptCore/runtime/IndexingHeaderInlineMethods.h.
      * runtime/JSActivation.h:
      * runtime/JSArray.cpp:
      * runtime/JSArray.h:
      * runtime/JSCell.h:
      * runtime/JSObject.cpp:
      * runtime/JSValueInlineMethods.h: Removed.
      * runtime/JSValueInlines.h: Copied from Source/JavaScriptCore/runtime/JSValueInlineMethods.h.
      * runtime/LiteralParser.cpp:
      * runtime/ObjectConstructor.cpp:
      * runtime/Operations.h:
      * runtime/RegExpMatchesArray.cpp:
      * runtime/RegExpObject.cpp:
      * runtime/StringPrototype.cpp:
      
      Source/WebCore: 
      
      No new tests.
      
      * GNUmakefile.list.am:
      * Target.pri:
      * WebCore.gypi:
      * WebCore.vcproj/WebCore.vcproj:
      * WebCore.xcodeproj/project.pbxproj:
      * html/parser/HTMLEntityParser.cpp:
      * html/parser/HTMLTokenizer.cpp:
      * html/track/WebVTTTokenizer.cpp:
      * xml/parser/CharacterReferenceParserInlineMethods.h: Removed.
      * xml/parser/CharacterReferenceParserInlines.h: Copied from Source/WebCore/xml/parser/CharacterReferenceParserInlineMethods.h.
      * xml/parser/MarkupTokenizerInlineMethods.h: Removed.
      * xml/parser/MarkupTokenizerInlines.h: Copied from Source/WebCore/xml/parser/MarkupTokenizerInlineMethods.h.
      * xml/parser/XMLCharacterReferenceParser.cpp:
      * xml/parser/XMLTokenizer.cpp:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133995 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  12. 08 Nov, 2012 1 commit
    • JSC should infer when indexed storage contains only integers or doubles · 75c91a79
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=98606
      
      Reviewed by Oliver Hunt.
      
      Source/JavaScriptCore: 
      
      This adds two new indexing types: int32 and double. It also adds array allocation profiling,
      which allows array allocations to converge to allocating arrays using those types to which
      those arrays would have been converted.
              
      20% speed-up on navier-stokes. 40% speed-up on various Kraken DSP tests. Some slow-downs too,
      but a performance win overall on all benchmarks we track.
      
      * API/JSObjectRef.cpp:
      (JSObjectMakeArray):
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/AbstractMacroAssembler.h:
      (JumpList):
      (JSC::AbstractMacroAssembler::JumpList::JumpList):
      * assembler/MacroAssemblerX86Common.h:
      (JSC::MacroAssemblerX86Common::branchDouble):
      * assembler/X86Assembler.h:
      (JSC::X86Assembler::jnp):
      (X86Assembler):
      (JSC::X86Assembler::X86InstructionFormatter::emitRex):
      * bytecode/ArrayAllocationProfile.cpp: Added.
      (JSC):
      (JSC::ArrayAllocationProfile::updateIndexingType):
      * bytecode/ArrayAllocationProfile.h: Added.
      (JSC):
      (ArrayAllocationProfile):
      (JSC::ArrayAllocationProfile::ArrayAllocationProfile):
      (JSC::ArrayAllocationProfile::selectIndexingType):
      (JSC::ArrayAllocationProfile::updateLastAllocation):
      (JSC::ArrayAllocationProfile::selectIndexingTypeFor):
      (JSC::ArrayAllocationProfile::updateLastAllocationFor):
      * bytecode/ArrayProfile.cpp:
      (JSC::ArrayProfile::updatedObservedArrayModes):
      (JSC):
      * bytecode/ArrayProfile.h:
      (JSC):
      (JSC::arrayModesInclude):
      (JSC::shouldUseSlowPutArrayStorage):
      (JSC::shouldUseFastArrayStorage):
      (JSC::shouldUseContiguous):
      (JSC::shouldUseDouble):
      (JSC::shouldUseInt32):
      (ArrayProfile):
      * bytecode/ByValInfo.h:
      (JSC::isOptimizableIndexingType):
      (JSC::jitArrayModeForIndexingType):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
      (JSC::CodeBlock::CodeBlock):
      (JSC::CodeBlock::updateAllPredictionsAndCountLiveness):
      (JSC):
      (JSC::CodeBlock::updateAllValueProfilePredictions):
      (JSC::CodeBlock::updateAllArrayPredictions):
      (JSC::CodeBlock::updateAllPredictions):
      (JSC::CodeBlock::shouldOptimizeNow):
      * bytecode/CodeBlock.h:
      (CodeBlock):
      (JSC::CodeBlock::numberOfArrayAllocationProfiles):
      (JSC::CodeBlock::addArrayAllocationProfile):
      (JSC::CodeBlock::updateAllValueProfilePredictions):
      (JSC::CodeBlock::updateAllArrayPredictions):
      * bytecode/DFGExitProfile.h:
      (JSC::DFG::exitKindToString):
      * bytecode/Instruction.h:
      (JSC):
      (JSC::Instruction::Instruction):
      * bytecode/Opcode.h:
      (JSC):
      (JSC::padOpcodeName):
      * bytecode/SpeculatedType.h:
      (JSC):
      (JSC::isRealNumberSpeculation):
      * bytecode/UnlinkedCodeBlock.cpp:
      (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
      * bytecode/UnlinkedCodeBlock.h:
      (JSC):
      (JSC::UnlinkedCodeBlock::addArrayAllocationProfile):
      (JSC::UnlinkedCodeBlock::numberOfArrayAllocationProfiles):
      (UnlinkedCodeBlock):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::newArrayAllocationProfile):
      (JSC):
      (JSC::BytecodeGenerator::emitNewArray):
      (JSC::BytecodeGenerator::emitExpectedFunctionSnippet):
      * bytecompiler/BytecodeGenerator.h:
      (BytecodeGenerator):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGArrayMode.cpp:
      (JSC::DFG::ArrayMode::fromObserved):
      (JSC::DFG::ArrayMode::refine):
      (DFG):
      (JSC::DFG::ArrayMode::alreadyChecked):
      (JSC::DFG::arrayTypeToString):
      * dfg/DFGArrayMode.h:
      (JSC::DFG::ArrayMode::withType):
      (ArrayMode):
      (JSC::DFG::ArrayMode::withTypeAndConversion):
      (JSC::DFG::ArrayMode::usesButterfly):
      (JSC::DFG::ArrayMode::isSpecific):
      (JSC::DFG::ArrayMode::supportsLength):
      (JSC::DFG::ArrayMode::arrayModesThatPassFiltering):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::getArrayMode):
      (ByteCodeParser):
      (JSC::DFG::ByteCodeParser::handleIntrinsic):
      (JSC::DFG::ByteCodeParser::handleConstantInternalFunction):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCCallHelpers.h:
      (JSC::DFG::CCallHelpers::setupArgumentsWithExecState):
      (CCallHelpers):
      * dfg/DFGCallArrayAllocatorSlowPathGenerator.h:
      (JSC::DFG::CallArrayAllocatorSlowPathGenerator::generateInternal):
      (JSC::DFG::CallArrayAllocatorWithVariableSizeSlowPathGenerator::generateInternal):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupNode):
      (JSC::DFG::FixupPhase::checkArray):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dump):
      * dfg/DFGGraph.h:
      (JSC::DFG::Graph::byValIsPure):
      * dfg/DFGNode.h:
      (NewArrayBufferData):
      (JSC::DFG::Node::hasIndexingType):
      (Node):
      (JSC::DFG::Node::indexingType):
      (JSC::DFG::Node::setIndexingType):
      * dfg/DFGOperations.cpp:
      * dfg/DFGOperations.h:
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::doRoundOfDoubleVoting):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::emitAllocateJSArray):
      (JSC::DFG::SpeculativeJIT::jumpSlowForUnwantedArrayMode):
      (DFG):
      (JSC::DFG::SpeculativeJIT::checkArray):
      (JSC::DFG::SpeculativeJIT::arrayify):
      (JSC::DFG::SpeculativeJIT::compileDoublePutByVal):
      (JSC::DFG::SpeculativeJIT::compileGetArrayLength):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation):
      (SpeculativeJIT):
      (SpeculateIntegerOperand):
      (JSC::DFG::SpeculateIntegerOperand::use):
      (SpeculateDoubleOperand):
      (JSC::DFG::SpeculateDoubleOperand::use):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (DFG):
      (JSC::DFG::SpeculativeJIT::compileContiguousPutByVal):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * jit/JIT.h:
      (JSC::JIT::emitInt32GetByVal):
      (JIT):
      (JSC::JIT::emitInt32PutByVal):
      (JSC::JIT::emitDoublePutByVal):
      (JSC::JIT::emitContiguousPutByVal):
      * jit/JITExceptions.cpp:
      (JSC::genericThrow):
      * jit/JITInlineMethods.h:
      (JSC::arrayProfileSaw):
      (JSC::JIT::chooseArrayMode):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_new_array):
      (JSC::JIT::emit_op_new_array_with_size):
      (JSC::JIT::emit_op_new_array_buffer):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::emitDoubleGetByVal):
      (JSC):
      (JSC::JIT::emitContiguousGetByVal):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::emitGenericContiguousPutByVal):
      (JSC::JIT::emitSlow_op_put_by_val):
      (JSC::JIT::privateCompileGetByVal):
      (JSC::JIT::privateCompilePutByVal):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::emitContiguousGetByVal):
      (JSC::JIT::emitDoubleGetByVal):
      (JSC):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::emitGenericContiguousPutByVal):
      (JSC::JIT::emitSlow_op_put_by_val):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * jit/JITStubs.h:
      (JSC):
      * jsc.cpp:
      (GlobalObject::finishCreation):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::jitCompileAndSetHeuristics):
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * offlineasm/x86.rb:
      * runtime/ArrayConstructor.cpp:
      (JSC::constructArrayWithSizeQuirk):
      * runtime/ArrayConstructor.h:
      (JSC):
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncConcat):
      (JSC::arrayProtoFuncSlice):
      (JSC::arrayProtoFuncSplice):
      (JSC::arrayProtoFuncFilter):
      (JSC::arrayProtoFuncMap):
      * runtime/Butterfly.h:
      (JSC::Butterfly::contiguousInt32):
      (JSC::Butterfly::contiguousDouble):
      (JSC::Butterfly::fromContiguous):
      * runtime/ButterflyInlineMethods.h:
      (JSC::Butterfly::createUninitializedDuringCollection):
      * runtime/FunctionPrototype.cpp:
      (JSC::functionProtoFuncBind):
      * runtime/IndexingHeaderInlineMethods.h:
      (JSC::IndexingHeader::indexingPayloadSizeInBytes):
      * runtime/IndexingType.cpp:
      (JSC::leastUpperBoundOfIndexingTypes):
      (JSC):
      (JSC::leastUpperBoundOfIndexingTypeAndType):
      (JSC::leastUpperBoundOfIndexingTypeAndValue):
      (JSC::indexingTypeToString):
      * runtime/IndexingType.h:
      (JSC):
      (JSC::hasUndecided):
      (JSC::hasInt32):
      (JSC::hasDouble):
      * runtime/JSArray.cpp:
      (JSC::JSArray::setLength):
      (JSC::JSArray::pop):
      (JSC::JSArray::push):
      (JSC::JSArray::shiftCountWithAnyIndexingType):
      (JSC::JSArray::unshiftCountWithAnyIndexingType):
      (JSC::compareNumbersForQSortWithInt32):
      (JSC):
      (JSC::compareNumbersForQSortWithDouble):
      (JSC::JSArray::sortNumericVector):
      (JSC::JSArray::sortNumeric):
      (JSC::JSArray::sortCompactedVector):
      (JSC::JSArray::sort):
      (JSC::JSArray::sortVector):
      (JSC::JSArray::fillArgList):
      (JSC::JSArray::copyToArguments):
      (JSC::JSArray::compactForSorting):
      * runtime/JSArray.h:
      (JSArray):
      (JSC::createContiguousArrayButterfly):
      (JSC::JSArray::create):
      (JSC::JSArray::tryCreateUninitialized):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::reset):
      (JSC):
      (JSC::JSGlobalObject::haveABadTime):
      (JSC::JSGlobalObject::visitChildren):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::originalArrayStructureForIndexingType):
      (JSC::JSGlobalObject::arrayStructureForIndexingTypeDuringAllocation):
      (JSC::JSGlobalObject::arrayStructureForProfileDuringAllocation):
      (JSC::JSGlobalObject::isOriginalArrayStructure):
      (JSC::constructEmptyArray):
      (JSC::constructArray):
      * runtime/JSObject.cpp:
      (JSC::JSObject::copyButterfly):
      (JSC::JSObject::getOwnPropertySlotByIndex):
      (JSC::JSObject::putByIndex):
      (JSC::JSObject::enterDictionaryIndexingMode):
      (JSC::JSObject::createInitialIndexedStorage):
      (JSC):
      (JSC::JSObject::createInitialUndecided):
      (JSC::JSObject::createInitialInt32):
      (JSC::JSObject::createInitialDouble):
      (JSC::JSObject::createInitialContiguous):
      (JSC::JSObject::convertUndecidedToInt32):
      (JSC::JSObject::convertUndecidedToDouble):
      (JSC::JSObject::convertUndecidedToContiguous):
      (JSC::JSObject::constructConvertedArrayStorageWithoutCopyingElements):
      (JSC::JSObject::convertUndecidedToArrayStorage):
      (JSC::JSObject::convertInt32ToDouble):
      (JSC::JSObject::convertInt32ToContiguous):
      (JSC::JSObject::convertInt32ToArrayStorage):
      (JSC::JSObject::convertDoubleToContiguous):
      (JSC::JSObject::convertDoubleToArrayStorage):
      (JSC::JSObject::convertContiguousToArrayStorage):
      (JSC::JSObject::convertUndecidedForValue):
      (JSC::JSObject::convertInt32ForValue):
      (JSC::JSObject::setIndexQuicklyToUndecided):
      (JSC::JSObject::convertInt32ToDoubleOrContiguousWhilePerformingSetIndex):
      (JSC::JSObject::convertDoubleToContiguousWhilePerformingSetIndex):
      (JSC::JSObject::ensureInt32Slow):
      (JSC::JSObject::ensureDoubleSlow):
      (JSC::JSObject::ensureContiguousSlow):
      (JSC::JSObject::ensureArrayStorageSlow):
      (JSC::JSObject::ensureArrayStorageExistsAndEnterDictionaryIndexingMode):
      (JSC::JSObject::switchToSlowPutArrayStorage):
      (JSC::JSObject::deletePropertyByIndex):
      (JSC::JSObject::getOwnPropertyNames):
      (JSC::JSObject::putByIndexBeyondVectorLengthWithoutAttributes):
      (JSC::JSObject::putByIndexBeyondVectorLength):
      (JSC::JSObject::putDirectIndexBeyondVectorLength):
      (JSC::JSObject::getNewVectorLength):
      (JSC::JSObject::countElements):
      (JSC::JSObject::ensureLengthSlow):
      (JSC::JSObject::getOwnPropertyDescriptor):
      * runtime/JSObject.h:
      (JSC::JSObject::getArrayLength):
      (JSC::JSObject::getVectorLength):
      (JSC::JSObject::canGetIndexQuickly):
      (JSC::JSObject::getIndexQuickly):
      (JSC::JSObject::tryGetIndexQuickly):
      (JSC::JSObject::canSetIndexQuickly):
      (JSC::JSObject::canSetIndexQuicklyForPutDirect):
      (JSC::JSObject::setIndexQuickly):
      (JSC::JSObject::initializeIndex):
      (JSC::JSObject::hasSparseMap):
      (JSC::JSObject::inSparseIndexingMode):
      (JSObject):
      (JSC::JSObject::ensureInt32):
      (JSC::JSObject::ensureDouble):
      (JSC::JSObject::ensureLength):
      (JSC::JSObject::indexingData):
      (JSC::JSObject::currentIndexingData):
      (JSC::JSObject::getHolyIndexQuickly):
      (JSC::JSObject::relevantLength):
      (JSC::JSObject::currentRelevantLength):
      * runtime/JSValue.cpp:
      (JSC::JSValue::description):
      * runtime/LiteralParser.cpp:
      (JSC::::parse):
      * runtime/ObjectConstructor.cpp:
      (JSC::objectConstructorGetOwnPropertyNames):
      (JSC::objectConstructorKeys):
      * runtime/StringPrototype.cpp:
      (JSC::stringProtoFuncMatch):
      (JSC::stringProtoFuncSplit):
      * runtime/Structure.cpp:
      (JSC::Structure::nonPropertyTransition):
      * runtime/StructureTransitionTable.h:
      (JSC::newIndexingType):
      
      Source/WebCore: 
      
      Just refactoring WebCore to pass 0 for the ArrayAllocationProfile*.
      
      * bindings/js/JSCanvasRenderingContext2DCustom.cpp:
      (WebCore::JSCanvasRenderingContext2D::webkitLineDash):
      * bindings/js/JSClipboardCustom.cpp:
      (WebCore::JSClipboard::types):
      * bindings/js/JSDOMBinding.cpp:
      (WebCore::jsArray):
      * bindings/js/JSDOMBinding.h:
      (WebCore::jsArray):
      * bindings/js/JSInjectedScriptHostCustom.cpp:
      (WebCore::getJSListenerFunctions):
      * bindings/js/JSJavaScriptCallFrameCustom.cpp:
      (WebCore::JSJavaScriptCallFrame::scopeChain):
      * bindings/js/JSMessageEventCustom.cpp:
      (WebCore::JSMessageEvent::ports):
      * bindings/js/JSMutationCallbackCustom.cpp:
      (WebCore::JSMutationCallback::handleEvent):
      * bindings/js/JSWebGLRenderingContextCustom.cpp:
      (WebCore::toJS):
      (WebCore::JSWebGLRenderingContext::getAttachedShaders):
      (WebCore::JSWebGLRenderingContext::getSupportedExtensions):
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneDeserializer::deserialize):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@133953 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      75c91a79
  13. 06 Nov, 2012 1 commit
  14. 09 Oct, 2012 1 commit
      JSC should infer when indexed storage is contiguous, and optimize for it · 0e9910a8
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97288
      
      Reviewed by Mark Hahnenberg.
      
      Source/JavaScriptCore: 
      
      This introduces a new kind of indexed property storage called Contiguous,
      which has the following properties:
              
      - No header bits beyond IndexedHeader. This results in a 16 byte reduction
        in memory usage per array versus an ArrayStorage array. It also means
        that the total memory usage for an empty array is now just 3 * 8 on both
        32-bit and 64-bit. Of that, only 8 bytes are array-specific; the rest is
        our standard object header overhead.
              
      - No need for hole checks on store. This results in a ~4% speed-up on
        Kraken and a ~1% speed-up on V8v7.
              
      - publicLength <= vectorLength. This means that doing new Array(blah)
        immediately allocates room for blah elements.
              
      - No sparse map or index bias.
              
      If you ever do things to an array that would require publicLength >
      vectorLength, a sparse map, or index bias, then we switch to ArrayStorage
      mode. This seems to never happen in any benchmark we track, and is unlikely
      to happen very frequently on any website.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/AbstractMacroAssembler.h:
      (JSC::AbstractMacroAssembler::JumpList::append):
      * assembler/MacroAssembler.h:
      (MacroAssembler):
      (JSC::MacroAssembler::patchableBranchTest32):
      * bytecode/ByValInfo.h: Added.
      (JSC):
      (JSC::isOptimizableIndexingType):
      (JSC::jitArrayModeForIndexingType):
      (JSC::ByValInfo::ByValInfo):
      (ByValInfo):
      (JSC::getByValInfoBytecodeIndex):
      * bytecode/CodeBlock.h:
      (CodeBlock):
      (JSC::CodeBlock::getByValInfo):
      (JSC::CodeBlock::setNumberOfByValInfos):
      (JSC::CodeBlock::numberOfByValInfos):
      (JSC::CodeBlock::byValInfo):
      * bytecode/SamplingTool.h:
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGArrayMode.cpp:
      (JSC::DFG::fromObserved):
      (JSC::DFG::modeAlreadyChecked):
      (JSC::DFG::modeToString):
      * dfg/DFGArrayMode.h:
      (DFG):
      (JSC::DFG::modeUsesButterfly):
      (JSC::DFG::modeIsJSArray):
      (JSC::DFG::isInBoundsAccess):
      (JSC::DFG::mayStoreToTail):
      (JSC::DFG::mayStoreToHole):
      (JSC::DFG::modeIsPolymorphic):
      (JSC::DFG::polymorphicIncludesContiguous):
      (JSC::DFG::polymorphicIncludesArrayStorage):
      (JSC::DFG::canCSEStorage):
      (JSC::DFG::modeSupportsLength):
      (JSC::DFG::benefitsFromStructureCheck):
      (JSC::DFG::isEffectful):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::handleIntrinsic):
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::getArrayLengthElimination):
      (JSC::DFG::CSEPhase::getByValLoadElimination):
      (JSC::DFG::CSEPhase::performNodeCSE):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupNode):
      (JSC::DFG::FixupPhase::checkArray):
      (JSC::DFG::FixupPhase::blessArrayOperation):
      * dfg/DFGGraph.h:
      (JSC::DFG::Graph::byValIsPure):
      * dfg/DFGOperations.cpp:
      * dfg/DFGOperations.h:
      * dfg/DFGRepatch.cpp:
      (JSC::DFG::tryCacheGetByID):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::checkArray):
      (JSC::DFG::SpeculativeJIT::arrayify):
      (JSC::DFG::SpeculativeJIT::compileGetArrayLength):
      (JSC::DFG::SpeculativeJIT::temporaryRegisterForPutByVal):
      (DFG):
      * dfg/DFGSpeculativeJIT.h:
      (DFG):
      (JSC::DFG::SpeculativeJIT::callOperation):
      (SpeculativeJIT):
      (JSC::DFG::SpeculativeJIT::putByValWillNeedExtraRegister):
      (JSC::DFG::SpeculativeJIT::temporaryRegisterForPutByVal):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compileContiguousGetByVal):
      (DFG):
      (JSC::DFG::SpeculativeJIT::compileArrayStorageGetByVal):
      (JSC::DFG::SpeculativeJIT::compileContiguousPutByVal):
      (JSC::DFG::SpeculativeJIT::compileArrayStoragePutByVal):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compileContiguousGetByVal):
      (DFG):
      (JSC::DFG::SpeculativeJIT::compileArrayStorageGetByVal):
      (JSC::DFG::SpeculativeJIT::compileContiguousPutByVal):
      (JSC::DFG::SpeculativeJIT::compileArrayStoragePutByVal):
      (JSC::DFG::SpeculativeJIT::compile):
      * interpreter/Interpreter.cpp:
      (SamplingScope):
      (JSC::SamplingScope::SamplingScope):
      (JSC::SamplingScope::~SamplingScope):
      (JSC):
      (JSC::Interpreter::execute):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileSlowCases):
      (JSC::JIT::privateCompile):
      * jit/JIT.h:
      (JSC::ByValCompilationInfo::ByValCompilationInfo):
      (ByValCompilationInfo):
      (JSC):
      (JIT):
      (JSC::JIT::compileGetByVal):
      (JSC::JIT::compilePutByVal):
      * jit/JITInlineMethods.h:
      (JSC::JIT::emitAllocateJSArray):
      (JSC::JIT::emitArrayProfileStoreToHoleSpecialCase):
      (JSC):
      (JSC::arrayProfileSaw):
      (JSC::JIT::chooseArrayMode):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emitSlow_op_get_argument_by_val):
      (JSC::JIT::emit_op_new_array):
      (JSC::JIT::emitSlow_op_new_array):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emitSlow_op_get_argument_by_val):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC):
      (JSC::JIT::emitContiguousGetByVal):
      (JSC::JIT::emitArrayStorageGetByVal):
      (JSC::JIT::emitSlow_op_get_by_val):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::emitContiguousPutByVal):
      (JSC::JIT::emitArrayStoragePutByVal):
      (JSC::JIT::emitSlow_op_put_by_val):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      (JSC::JIT::privateCompileGetByVal):
      (JSC::JIT::privateCompilePutByVal):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC):
      (JSC::JIT::emitContiguousGetByVal):
      (JSC::JIT::emitArrayStorageGetByVal):
      (JSC::JIT::emitSlow_op_get_by_val):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::emitContiguousPutByVal):
      (JSC::JIT::emitArrayStoragePutByVal):
      (JSC::JIT::emitSlow_op_put_by_val):
      * jit/JITStubs.cpp:
      (JSC::getByVal):
      (JSC):
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC::putByVal):
      * jit/JITStubs.h:
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * runtime/ArrayConventions.h:
      (JSC::isDenseEnoughForVector):
      * runtime/ArrayPrototype.cpp:
      (JSC):
      (JSC::shift):
      (JSC::unshift):
      (JSC::arrayProtoFuncPush):
      (JSC::arrayProtoFuncShift):
      (JSC::arrayProtoFuncSplice):
      (JSC::arrayProtoFuncUnShift):
      * runtime/Butterfly.h:
      (Butterfly):
      (JSC::Butterfly::fromPointer):
      (JSC::Butterfly::pointer):
      (JSC::Butterfly::publicLength):
      (JSC::Butterfly::vectorLength):
      (JSC::Butterfly::setPublicLength):
      (JSC::Butterfly::setVectorLength):
      (JSC::Butterfly::contiguous):
      (JSC::Butterfly::fromContiguous):
      * runtime/ButterflyInlineMethods.h:
      (JSC::Butterfly::unshift):
      (JSC::Butterfly::shift):
      * runtime/IndexingHeaderInlineMethods.h:
      (JSC::IndexingHeader::indexingPayloadSizeInBytes):
      * runtime/IndexingType.cpp: Added.
      (JSC):
      (JSC::indexingTypeToString):
      * runtime/IndexingType.h:
      (JSC):
      (JSC::hasContiguous):
      * runtime/JSArray.cpp:
      (JSC::JSArray::setLengthWithArrayStorage):
      (JSC::JSArray::setLength):
      (JSC):
      (JSC::JSArray::pop):
      (JSC::JSArray::push):
      (JSC::JSArray::shiftCountWithArrayStorage):
      (JSC::JSArray::shiftCountWithAnyIndexingType):
      (JSC::JSArray::unshiftCountWithArrayStorage):
      (JSC::JSArray::unshiftCountWithAnyIndexingType):
      (JSC::JSArray::sortNumericVector):
      (JSC::JSArray::sortNumeric):
      (JSC::JSArray::sortCompactedVector):
      (JSC::JSArray::sort):
      (JSC::JSArray::sortVector):
      (JSC::JSArray::fillArgList):
      (JSC::JSArray::copyToArguments):
      (JSC::JSArray::compactForSorting):
      * runtime/JSArray.h:
      (JSC::JSArray::shiftCountForShift):
      (JSC::JSArray::shiftCountForSplice):
      (JSArray):
      (JSC::JSArray::shiftCount):
      (JSC::JSArray::unshiftCountForShift):
      (JSC::JSArray::unshiftCountForSplice):
      (JSC::JSArray::unshiftCount):
      (JSC::JSArray::isLengthWritable):
      (JSC::createContiguousArrayButterfly):
      (JSC):
      (JSC::JSArray::create):
      (JSC::JSArray::tryCreateUninitialized):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::reset):
      (JSC):
      (JSC::JSGlobalObject::haveABadTime):
      (JSC::JSGlobalObject::visitChildren):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::arrayStructureWithArrayStorage):
      (JSC::JSGlobalObject::addressOfArrayStructureWithArrayStorage):
      (JSC::constructEmptyArray):
      * runtime/JSObject.cpp:
      (JSC::JSObject::visitButterfly):
      (JSC::JSObject::getOwnPropertySlotByIndex):
      (JSC::JSObject::putByIndex):
      (JSC::JSObject::enterDictionaryIndexingMode):
      (JSC::JSObject::createInitialContiguous):
      (JSC):
      (JSC::JSObject::createArrayStorage):
      (JSC::JSObject::convertContiguousToArrayStorage):
      (JSC::JSObject::ensureContiguousSlow):
      (JSC::JSObject::ensureArrayStorageSlow):
      (JSC::JSObject::ensureIndexedStorageSlow):
      (JSC::JSObject::ensureArrayStorageExistsAndEnterDictionaryIndexingMode):
      (JSC::JSObject::switchToSlowPutArrayStorage):
      (JSC::JSObject::setPrototype):
      (JSC::JSObject::deletePropertyByIndex):
      (JSC::JSObject::getOwnPropertyNames):
      (JSC::JSObject::defineOwnIndexedProperty):
      (JSC::JSObject::putByIndexBeyondVectorLengthContiguousWithoutAttributes):
      (JSC::JSObject::putByIndexBeyondVectorLength):
      (JSC::JSObject::putDirectIndexBeyondVectorLengthWithArrayStorage):
      (JSC::JSObject::putDirectIndexBeyondVectorLength):
      (JSC::JSObject::getNewVectorLength):
      (JSC::JSObject::countElementsInContiguous):
      (JSC::JSObject::increaseVectorLength):
      (JSC::JSObject::ensureContiguousLengthSlow):
      (JSC::JSObject::getOwnPropertyDescriptor):
      * runtime/JSObject.h:
      (JSC::JSObject::getArrayLength):
      (JSC::JSObject::getVectorLength):
      (JSC::JSObject::canGetIndexQuickly):
      (JSC::JSObject::getIndexQuickly):
      (JSC::JSObject::tryGetIndexQuickly):
      (JSC::JSObject::canSetIndexQuickly):
      (JSC::JSObject::canSetIndexQuicklyForPutDirect):
      (JSC::JSObject::setIndexQuickly):
      (JSC::JSObject::initializeIndex):
      (JSC::JSObject::hasSparseMap):
      (JSC::JSObject::inSparseIndexingMode):
      (JSObject):
      (JSC::JSObject::ensureContiguous):
      (JSC::JSObject::ensureIndexedStorage):
      (JSC::JSObject::ensureContiguousLength):
      (JSC::JSObject::indexingData):
      (JSC::JSObject::relevantLength):
      * runtime/JSValue.cpp:
      (JSC::JSValue::description):
      * runtime/Options.cpp:
      (JSC::Options::initialize):
      * runtime/Structure.cpp:
      (JSC::Structure::needsSlowPutIndexing):
      (JSC):
      (JSC::Structure::suggestedArrayStorageTransition):
      * runtime/Structure.h:
      (Structure):
      * runtime/StructureTransitionTable.h:
      (JSC::newIndexingType):
      
      Source/WTF: 
      
      Moved out this helpful math utility to MathExtras, since we now use it in
      multiple places.
      
      * wtf/MathExtras.h:
      (timesThreePlusOneDividedByTwo):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@130826 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0e9910a8
  15. 03 Oct, 2012 1 commit
  16. 02 Oct, 2012 1 commit
      Address a FIXME in JSArray::sort · b5e07304
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=98080
      <rdar://problem/12407844>
      
      Reviewed by Oliver Hunt.
      
      Source/JavaScriptCore: 
      
      Get rid of fast sorting of sparse maps. I don't know that it's broken but I do know that we don't
      have coverage for it. Then also address the FIXME in JSArray::sort regarding side-effecting
      compare functions.
      
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncSort):
      * runtime/JSArray.cpp:
      (JSC::JSArray::sortNumeric):
      (JSC::JSArray::sort):
      (JSC::JSArray::compactForSorting):
      * runtime/JSArray.h:
      (JSArray):
      * runtime/JSObject.h:
      (JSC::JSObject::hasSparseMap):
      (JSObject):
      
      LayoutTests: 
      
      * fast/js/jsc-test-list:
      * fast/js/script-tests/sort-with-side-effecting-comparisons.js: Added.
      * fast/js/sort-with-side-effecting-comparisons-expected.txt: Added.
      * fast/js/sort-with-side-effecting-comparisons.html: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@130102 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b5e07304
  17. 26 Sep, 2012 1 commit
      Add ability for JSArray::unshiftCount to unshift in middle of an array · a1c33e2b
      msaboff@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97691
      
      Reviewed by Filip Pizlo.
      
      Changed JSArray::unshiftCount and unshiftCountSlowCase to handle unshifting from the middle of an
      array.  Depending on where the unshift point is, either the front part of the array will be moved
      "left" or the back part will be moved right.  Given that unshiftCount only works on contiguous
      arrays it is safe to use memmove for the moves.
      
      This change is worth 25% performance improvement on pdfjs.  It doesn't seem to have any impact on
      any other benchmarks.
      
      * runtime/ArrayPrototype.cpp:
      (JSC::unshift):
      * runtime/JSArray.cpp:
      (JSC::JSArray::unshiftCountSlowCase):
      (JSC::JSArray::unshiftCount):
      * runtime/JSArray.h:
      (JSArray):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129676 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a1c33e2b
  18. 20 Sep, 2012 1 commit
      CHECK_ARRAY_CONSISTENCY isn't being used or tested, so we should remove it · 658e5ebd
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97260
      
      Rubber stamped by Geoffrey Garen.
              
      Supporting it will become difficult as we add more indexing types. It makes more
      sense to kill, especially since we don't appear to use it or test it, ever.
      
      * runtime/ArrayConventions.h:
      (JSC):
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncSplice):
      * runtime/ArrayStorage.h:
      (JSC::ArrayStorage::copyHeaderFromDuringGC):
      (ArrayStorage):
      * runtime/FunctionPrototype.cpp:
      (JSC::functionProtoFuncBind):
      * runtime/JSArray.cpp:
      (JSC::createArrayButterflyInDictionaryIndexingMode):
      (JSC::JSArray::setLength):
      (JSC::JSArray::pop):
      (JSC::JSArray::push):
      (JSC::JSArray::sortNumeric):
      (JSC::JSArray::sort):
      (JSC::JSArray::compactForSorting):
      * runtime/JSArray.h:
      (JSArray):
      (JSC::createArrayButterfly):
      (JSC::JSArray::tryCreateUninitialized):
      (JSC::constructArray):
      * runtime/JSObject.cpp:
      (JSC::JSObject::putByIndex):
      (JSC::JSObject::createArrayStorage):
      (JSC::JSObject::deletePropertyByIndex):
      (JSC):
      * runtime/JSObject.h:
      (JSC::JSObject::initializeIndex):
      (JSObject):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129179 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      658e5ebd
  19. 17 Sep, 2012 1 commit
      If a prototype has indexed setters and its instances have indexed storage,... · 1c4a32c9
      fpizlo@apple.com authored
      If a prototype has indexed setters and its instances have indexed storage, then all put_by_val's should have a bad time
      https://bugs.webkit.org/show_bug.cgi?id=96596
      
      Reviewed by Gavin Barraclough.
      
      Source/JavaScriptCore: 
      
      Added comprehensive support for accessors and read-only indexed properties on the
      prototype chain. This is done without any performance regression on benchmarks that
      we're aware of, by having the entire VM's strategy with respect to arrays tilted
      heavily in favor of:
              
      - The prototype chain of JSArrays never having any accessors or read-only indexed
        properties. If that changes, you're going to have a bad time.
              
      - Prototypes of non-JSArray objects either having no indexed accessors or read-only
        indexed properties, or, having those indexed accessor thingies inserted before
        any instance object (i.e. object with that prototype as its prototype) is created.
        If you add indexed accessors or read-only indexed properties to an object that is
        already used as a prototype, you're going to have a bad time.
              
      See below for the exact definition of having a bad time.
              
      Put another way, "fair" uses of indexed accessors and read-only indexed properties
      are:
              
      - Put indexed accessors and read-only indexed properties on an object that is never
        used as a prototype. This will slow down accesses to that object, but will not
        have any effect on any other object.
              
      - Put those indexed accessor thingies on an object before it is used as a prototype
        and then start instantiating objects that claim that object as their prototype.
        This will slightly slow down indexed stores to the instance objects, and greatly
        slow down all indexed accesses to the prototype, but will have no other effect.
              
      In short, "fair" uses only affect the object itself and any instance objects. But
      if you start using indexed accessors in more eclectic ways, you're going to have
      a bad time.
              
      Specifically, if an object that may be used as a prototype has an indexed accessor
      added, the VM performs a whole-heap scan to find all objects that belong to the
      same global object as the prototype you modified. If any of those objects has
      indexed storage, their indexed storage is put into slow-put mode, just as if their
      prototype chain had indexed accessors. This will happen even for objects that do
      not currently have indexed accessors in their prototype chain. As well, all JSArray
      allocations are caused to create arrays with slow-put storage, and all future
      allocations of indexed storage for non-JSArray objects are also flipped to slow-put
      mode. Note there are two aspects to having a bad time: (i) the whole-heap scan and
      (ii) the poisoning of all indexed storage in the entire global object. (i) is
      necessary for correctness. If we detect that an object that may be used as a
      prototype has had an indexed accessor or indexed read-only property inserted into
      it, then we need to ensure that henceforth all instances of that object inspect
      the prototype chain whenever an indexed hole is stored to. But by default, indexed
      stores do no such checking because doing so would be unnecessarily slow. So, we must
      find all instances of the affected object and flip them into a different array
      storage mode that omits all hole optimizations. Since prototypes never keep a list
      of instance objects, the only way to find those objects is a whole-heap scan. But
      (i) alone would be a potential disaster, if a program frequently allocated an
      object without indexed accessors, then allocated a bunch of objects that used that
      one as their prototype, and then added indexed accessors to the prototype. So, to
      prevent massive heap scan storms in such awkward programs, having a bad time also
      implies (ii): henceforth *all* objects belonging to that global object will use
      slow put indexed storage, so that we don't ever have to scan the heap again. Note
      that here we are using the global object as just an approximation of a program
      module; it may be worth investigating in the future if other approximations can be
      used instead.
      
      * bytecode/ArrayProfile.h:
      (JSC):
      (JSC::arrayModeFromStructure):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGArrayMode.cpp:
      (JSC::DFG::fromObserved):
      (JSC::DFG::modeAlreadyChecked):
      (JSC::DFG::modeToString):
      * dfg/DFGArrayMode.h:
      (DFG):
      (JSC::DFG::isSlowPutAccess):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::checkArray):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * jit/JIT.h:
      * jit/JITInlineMethods.h:
      (JSC::JIT::emitAllocateJSArray):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_new_array):
      * runtime/ArrayPrototype.cpp:
      (JSC::ArrayPrototype::finishCreation):
      (JSC::arrayProtoFuncSort):
      * runtime/IndexingType.h:
      (JSC):
      (JSC::hasIndexedProperties):
      (JSC::hasIndexingHeader):
      (JSC::hasArrayStorage):
      (JSC::shouldUseSlowPut):
      * runtime/JSArray.cpp:
      (JSC::JSArray::pop):
      (JSC::JSArray::push):
      (JSC::JSArray::fillArgList):
      (JSC::JSArray::copyToArguments):
      * runtime/JSArray.h:
      (JSC::JSArray::createStructure):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::JSGlobalObject):
      (JSC::JSGlobalObject::reset):
      (JSC):
      (JSC::JSGlobalObject::haveABadTime):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::addressOfArrayStructure):
      (JSC::JSGlobalObject::havingABadTimeWatchpoint):
      (JSC::JSGlobalObject::isHavingABadTime):
      * runtime/JSObject.cpp:
      (JSC::JSObject::visitButterfly):
      (JSC::JSObject::getOwnPropertySlotByIndex):
      (JSC::JSObject::put):
      (JSC::JSObject::putByIndex):
      (JSC::JSObject::enterDictionaryIndexingMode):
      (JSC::JSObject::notifyPresenceOfIndexedAccessors):
      (JSC):
      (JSC::JSObject::createArrayStorage):
      (JSC::JSObject::ensureArrayStorageExistsAndEnterDictionaryIndexingMode):
      (JSC::JSObject::switchToSlowPutArrayStorage):
      (JSC::JSObject::setPrototype):
      (JSC::JSObject::resetInheritorID):
      (JSC::JSObject::inheritorID):
      (JSC::JSObject::allowsAccessFrom):
      (JSC::JSObject::deletePropertyByIndex):
      (JSC::JSObject::getOwnPropertyNames):
      (JSC::JSObject::unwrappedGlobalObject):
      (JSC::JSObject::notifyUsedAsPrototype):
      (JSC::JSObject::createInheritorID):
      (JSC::JSObject::defineOwnIndexedProperty):
      (JSC::JSObject::attemptToInterceptPutByIndexOnHoleForPrototype):
      (JSC::JSObject::attemptToInterceptPutByIndexOnHole):
      (JSC::JSObject::putByIndexBeyondVectorLength):
      (JSC::JSObject::putDirectIndexBeyondVectorLength):
      (JSC::JSObject::getNewVectorLength):
      (JSC::JSObject::getOwnPropertyDescriptor):
      * runtime/JSObject.h:
      (JSC::JSObject::mayBeUsedAsPrototype):
      (JSObject):
      (JSC::JSObject::mayInterceptIndexedAccesses):
      (JSC::JSObject::getArrayLength):
      (JSC::JSObject::getVectorLength):
      (JSC::JSObject::canGetIndexQuickly):
      (JSC::JSObject::getIndexQuickly):
      (JSC::JSObject::canSetIndexQuickly):
      (JSC::JSObject::setIndexQuickly):
      (JSC::JSObject::initializeIndex):
      (JSC::JSObject::completeInitialization):
      (JSC::JSObject::inSparseIndexingMode):
      (JSC::JSObject::arrayStorage):
      (JSC::JSObject::arrayStorageOrNull):
      (JSC::JSObject::ensureArrayStorage):
      (JSC):
      (JSC::JSValue::putByIndex):
      * runtime/JSValue.cpp:
      (JSC::JSValue::putToPrimitive):
      (JSC::JSValue::putToPrimitiveByIndex):
      (JSC):
      * runtime/JSValue.h:
      (JSValue):
      * runtime/ObjectPrototype.cpp:
      (JSC::ObjectPrototype::finishCreation):
      * runtime/SparseArrayValueMap.cpp:
      (JSC::SparseArrayValueMap::putEntry):
      (JSC::SparseArrayEntry::put):
      (JSC):
      * runtime/SparseArrayValueMap.h:
      (JSC):
      (SparseArrayEntry):
      * runtime/Structure.cpp:
      (JSC::Structure::anyObjectInChainMayInterceptIndexedAccesses):
      (JSC):
      (JSC::Structure::suggestedIndexingTransition):
      * runtime/Structure.h:
      (Structure):
      (JSC::Structure::mayInterceptIndexedAccesses):
      * runtime/StructureTransitionTable.h:
      (JSC::newIndexingType):
      
      LayoutTests: 
      
      Removed failing expectation for primitive-property-access-edge-cases, and
      added more tests to cover the numerical-setter-on-prototype cases.
      
      * fast/js/array-bad-time-expected.txt: Added.
      * fast/js/array-bad-time.html: Added.
      * fast/js/array-slow-put-expected.txt: Added.
      * fast/js/array-slow-put.html: Added.
      * fast/js/cross-frame-bad-time-expected.txt: Added.
      * fast/js/cross-frame-bad-time.html: Added.
      * fast/js/jsc-test-list:
      * fast/js/object-bad-time-expected.txt: Added.
      * fast/js/object-bad-time.html: Added.
      * fast/js/object-slow-put-expected.txt: Added.
      * fast/js/object-slow-put.html: Added.
      * fast/js/script-tests/array-bad-time.js: Added.
      * fast/js/script-tests/array-slow-put.js: Added.
      (foo):
      * fast/js/script-tests/cross-frame-bad-time.js: Added.
      (foo):
      * fast/js/script-tests/object-bad-time.js: Added.
      (Cons):
      * fast/js/script-tests/object-slow-put.js: Added.
      (Cons):
      (foo):
      * platform/mac/fast/js/primitive-property-access-edge-cases-expected.txt: Removed.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128802 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      1c4a32c9
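The language-level behaviour that the commit above has to preserve, shown as an added example (not part of the commit or of WebKit's code): a store to an indexed hole must consult the prototype chain once an indexed accessor or read-only indexed property is added to an object that is already in use as a prototype. The function names are hypothetical and the sample objects are constructed; this is standard ECMAScript semantics observable in any engine, not a view of JSC's internal storage modes.

```javascript
// Added illustration. It exercises the observable semantics only; which
// internal storage mode an engine picks is not visible from script.

// Case 1: plain object with indexed storage whose prototype gains indexed
// accessors AFTER the instance exists (the situation the commit message
// says forces the whole-heap scan).
function plainObjectDemo() {
  const setterSaw = [];
  const proto = {};
  const inst = Object.create(proto);
  inst[0] = 'own'; // instance now has an indexed property; 1, 2, 3 are holes

  Object.defineProperty(proto, 1, {
    set(v) { setterSaw.push(v); },
    configurable: true,
  });
  Object.defineProperty(proto, 2, {
    value: 'ro',
    writable: false,
    configurable: true,
  });

  // Reflect.set reports success as a boolean instead of throwing in strict
  // mode, so the four outcomes can be compared side by side.
  const results = {
    overwrite: Reflect.set(inst, 0, 'new'),  // own property: chain not consulted
    intercepted: Reflect.set(inst, 1, 'x'),  // hole: setter on proto runs
    blocked: Reflect.set(inst, 2, 'y'),      // hole: read-only on proto rejects
    plain: Reflect.set(inst, 3, 'z'),        // hole, nothing on chain: own property
  };
  return { results, setterSaw, ownKeys: Object.keys(inst) };
}

// Case 2: a real Array with a hole. The accessor lives on a private
// prototype object placed in front of Array.prototype, so the demo does
// not alter Array.prototype for the rest of the program.
function arrayDemo() {
  const setterSaw = [];
  const proto = Object.create(Array.prototype);
  const arr = [1, , 3]; // index 1 is a hole
  Object.setPrototypeOf(arr, proto);

  Object.defineProperty(proto, 1, {
    set(v) { setterSaw.push(v); },
    configurable: true,
  });

  arr[1] = 9; // store to hole: must reach the setter, not the array's storage
  arr[0] = 7; // store to an existing element: ordinary fast store

  return {
    setterSaw,
    holeStillEmpty: !Object.prototype.hasOwnProperty.call(arr, 1),
    length: arr.length,
    first: arr[0],
  };
}

// Stand-alone run for the reader.
console.log(plainObjectDemo());
console.log(arrayDemo());
```

An engine that kept the hole-store fast path for `inst` or `arr` after the `defineProperty` calls would write the value straight into the object's own storage and never call the setter, which is the correctness problem the storage-mode switch addresses.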
  20. 13 Sep, 2012 1 commit
      JSC should have property butterflies · d8dd0535
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=91933
      
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore: 
      
      This changes the JSC object model. Previously, all objects had fast lookup for
      named properties. Integer indexed properties were only fast if you used a
      JSArray. With this change, all objects have fast indexed properties. This is
      accomplished without any space overhead by using a bidirectional object layout,
      aka butterflies. Each JSObject has a m_butterfly pointer where previously it
      had a m_outOfLineStorage pointer. To the left of the location pointed to by
      m_butterfly, we place all named out-of-line properties. To the right, we place
      all indexed properties along with indexing meta-data. Though, some indexing
      meta-data is placed in the 8-byte word immediately left of the pointed-to
      location; this is in anticipation of the indexing meta-data being small enough
      in the common case that m_butterfly always points to the first indexed
      property.
              
      This is performance neutral, except on tests that use indexed properties on
      plain objects, where the speed-up is in excess of an order of magnitude.
              
      One notable aspect of what this change brings is that it allows indexing
      storage to morph over time. Currently this is only used to allow all non-array
      objects to start out without any indexed storage. But it could be used for
      some kinds of array type inference in the future.
      
      * API/JSCallbackObject.h:
      (JSCallbackObject):
      * API/JSCallbackObjectFunctions.h:
      (JSC::::getOwnPropertySlotByIndex):
      (JSC):
      (JSC::::getOwnNonIndexPropertyNames):
      * API/JSObjectRef.cpp:
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/ArrayProfile.h:
      (JSC):
      (JSC::arrayModeFromStructure):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::emitDirectPutById):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGAdjacencyList.h:
      (JSC::DFG::AdjacencyList::AdjacencyList):
      (AdjacencyList):
      * dfg/DFGArrayMode.cpp:
      (JSC::DFG::fromObserved):
      (JSC::DFG::modeAlreadyChecked):
      (JSC::DFG::modeToString):
      * dfg/DFGArrayMode.h:
      (DFG):
      (JSC::DFG::modeUsesButterfly):
      (JSC::DFG::modeIsJSArray):
      (JSC::DFG::isInBoundsAccess):
      (JSC::DFG::modeSupportsLength):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::handleGetByOffset):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::getPropertyStorageLoadElimination):
      (JSC::DFG::CSEPhase::performNodeCSE):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupNode):
      (JSC::DFG::FixupPhase::addNode):
      (FixupPhase):
      (JSC::DFG::FixupPhase::checkArray):
      * dfg/DFGGraph.h:
      (JSC::DFG::Graph::byValIsPure):
      * dfg/DFGNode.h:
      (JSC::DFG::Node::Node):
      (Node):
      * dfg/DFGNodeType.h:
      (DFG):
      * dfg/DFGOperations.cpp:
      (JSC::DFG::putByVal):
      * dfg/DFGOperations.h:
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::propagate):
      * dfg/DFGRepatch.cpp:
      (JSC::DFG::generateProtoChainAccessStub):
      (JSC::DFG::tryCacheGetByID):
      (JSC::DFG::tryBuildGetByIDList):
      (JSC::DFG::emitPutReplaceStub):
      (JSC::DFG::emitPutTransitionStub):
      (JSC::DFG::tryBuildPutByIdList):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::checkArray):
      (JSC::DFG::SpeculativeJIT::compileGetIndexedPropertyStorage):
      (JSC::DFG::SpeculativeJIT::compileGetArrayLength):
      (JSC::DFG::SpeculativeJIT::compileAllocatePropertyStorage):
      (JSC::DFG::SpeculativeJIT::compileReallocatePropertyStorage):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation):
      (JSC::DFG::SpeculativeJIT::emitAllocateBasicJSObject):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::cachedGetById):
      (JSC::DFG::SpeculativeJIT::cachedPutById):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::cachedGetById):
      (JSC::DFG::SpeculativeJIT::cachedPutById):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGStructureCheckHoistingPhase.cpp:
      (JSC::DFG::StructureCheckHoistingPhase::run):
      * heap/CopiedSpace.h:
      (CopiedSpace):
      * jit/JIT.h:
      * jit/JITInlineMethods.h:
      (JSC::JIT::emitAllocateBasicJSObject):
      (JSC::JIT::emitAllocateBasicStorage):
      (JSC::JIT::emitAllocateJSArray):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_new_array):
      (JSC::JIT::emitSlow_op_new_array):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::compileGetDirectOffset):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::emit_op_put_by_id):
      (JSC::JIT::compilePutDirectOffset):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::emit_op_put_by_id):
      (JSC::JIT::compilePutDirectOffset):
      (JSC::JIT::compileGetDirectOffset):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * jsc.cpp:
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * runtime/Arguments.cpp:
      (JSC::Arguments::deletePropertyByIndex):
      (JSC::Arguments::defineOwnProperty):
      * runtime/ArrayConstructor.cpp:
      * runtime/ArrayConventions.h: Added.
      (JSC):
      (JSC::isDenseEnoughForVector):
      (JSC::indexingHeaderForArray):
      (JSC::baseIndexingHeaderForArray):
      * runtime/ArrayPrototype.cpp:
      (JSC::ArrayPrototype::create):
      (JSC):
      (JSC::ArrayPrototype::ArrayPrototype):
      (JSC::arrayProtoFuncToString):
      (JSC::arrayProtoFuncJoin):
      (JSC::arrayProtoFuncSort):
      (JSC::arrayProtoFuncFilter):
      (JSC::arrayProtoFuncMap):
      (JSC::arrayProtoFuncEvery):
      (JSC::arrayProtoFuncForEach):
      (JSC::arrayProtoFuncSome):
      (JSC::arrayProtoFuncReduce):
      (JSC::arrayProtoFuncReduceRight):
      * runtime/ArrayPrototype.h:
      (ArrayPrototype):
      (JSC::ArrayPrototype::createStructure):
      * runtime/ArrayStorage.h: Added.
      (JSC):
      (ArrayStorage):
      (JSC::ArrayStorage::ArrayStorage):
      (JSC::ArrayStorage::from):
      (JSC::ArrayStorage::butterfly):
      (JSC::ArrayStorage::indexingHeader):
      (JSC::ArrayStorage::length):
      (JSC::ArrayStorage::setLength):
      (JSC::ArrayStorage::vectorLength):
      (JSC::ArrayStorage::setVectorLength):
      (JSC::ArrayStorage::copyHeaderFromDuringGC):
      (JSC::ArrayStorage::inSparseMode):
      (JSC::ArrayStorage::lengthOffset):
      (JSC::ArrayStorage::vectorLengthOffset):
      (JSC::ArrayStorage::numValuesInVectorOffset):
      (JSC::ArrayStorage::vectorOffset):
      (JSC::ArrayStorage::indexBiasOffset):
      (JSC::ArrayStorage::sparseMapOffset):
      (JSC::ArrayStorage::sizeFor):
      * runtime/Butterfly.h: Added.
      (JSC):
      (Butterfly):
      (JSC::Butterfly::Butterfly):
      (JSC::Butterfly::totalSize):
      (JSC::Butterfly::fromBase):
      (JSC::Butterfly::offsetOfIndexingHeader):
      (JSC::Butterfly::offsetOfPublicLength):
      (JSC::Butterfly::offsetOfVectorLength):
      (JSC::Butterfly::indexingHeader):
      (JSC::Butterfly::propertyStorage):
      (JSC::Butterfly::indexingPayload):
      (JSC::Butterfly::arrayStorage):
      (JSC::Butterfly::offsetOfPropertyStorage):
      (JSC::Butterfly::indexOfPropertyStorage):
      (JSC::Butterfly::base):
      * runtime/ButterflyInlineMethods.h: Added.
      (JSC):
      (JSC::Butterfly::createUninitialized):
      (JSC::Butterfly::create):
      (JSC::Butterfly::createUninitializedDuringCollection):
      (JSC::Butterfly::base):
      (JSC::Butterfly::growPropertyStorage):
      (JSC::Butterfly::growArrayRight):
      (JSC::Butterfly::resizeArray):
      (JSC::Butterfly::unshift):
      (JSC::Butterfly::shift):
      * runtime/ClassInfo.h:
      (MethodTable):
      (JSC):
      * runtime/IndexingHeader.h: Added.
      (JSC):
      (IndexingHeader):
      (JSC::IndexingHeader::offsetOfIndexingHeader):
      (JSC::IndexingHeader::offsetOfPublicLength):
      (JSC::IndexingHeader::offsetOfVectorLength):
      (JSC::IndexingHeader::IndexingHeader):
      (JSC::IndexingHeader::vectorLength):
      (JSC::IndexingHeader::setVectorLength):
      (JSC::IndexingHeader::publicLength):
      (JSC::IndexingHeader::setPublicLength):
      (JSC::IndexingHeader::from):
      (JSC::IndexingHeader::fromEndOf):
      (JSC::IndexingHeader::propertyStorage):
      (JSC::IndexingHeader::arrayStorage):
      (JSC::IndexingHeader::butterfly):
      * runtime/IndexingHeaderInlineMethods.h: Added.
      (JSC):
      (JSC::IndexingHeader::preCapacity):
      (JSC::IndexingHeader::indexingPayloadSizeInBytes):
      * runtime/IndexingType.h: Added.
      (JSC):
      (JSC::hasIndexingHeader):
      * runtime/JSActivation.cpp:
      (JSC::JSActivation::JSActivation):
      (JSC::JSActivation::visitChildren):
      (JSC::JSActivation::getOwnNonIndexPropertyNames):
      * runtime/JSActivation.h:
      (JSActivation):
      (JSC::JSActivation::tearOff):
      * runtime/JSArray.cpp:
      (JSC):
      (JSC::createArrayButterflyInDictionaryIndexingMode):
      (JSC::JSArray::setLengthWritable):
      (JSC::JSArray::defineOwnProperty):
      (JSC::JSArray::getOwnPropertySlot):
      (JSC::JSArray::getOwnPropertyDescriptor):
      (JSC::JSArray::put):
      (JSC::JSArray::deleteProperty):
      (JSC::JSArray::getOwnNonIndexPropertyNames):
      (JSC::JSArray::unshiftCountSlowCase):
      (JSC::JSArray::setLength):
      (JSC::JSArray::pop):
      (JSC::JSArray::push):
      (JSC::JSArray::shiftCount):
      (JSC::JSArray::unshiftCount):
      (JSC::JSArray::sortNumeric):
      (JSC::JSArray::sort):
      (JSC::JSArray::fillArgList):
      (JSC::JSArray::copyToArguments):
      (JSC::JSArray::compactForSorting):
      * runtime/JSArray.h:
      (JSC):
      (JSArray):
      (JSC::JSArray::JSArray):
      (JSC::JSArray::length):
      (JSC::JSArray::createStructure):
      (JSC::JSArray::isLengthWritable):
      (JSC::createArrayButterfly):
      (JSC::JSArray::create):
      (JSC::JSArray::tryCreateUninitialized):
      * runtime/JSBoundFunction.cpp:
      (JSC::boundFunctionCall):
      (JSC::boundFunctionConstruct):
      (JSC::JSBoundFunction::finishCreation):
      * runtime/JSCell.cpp:
      (JSC::JSCell::getOwnNonIndexPropertyNames):
      (JSC):
      * runtime/JSCell.h:
      (JSCell):
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::getOwnPropertySlot):
      (JSC::JSFunction::getOwnPropertyDescriptor):
      (JSC::JSFunction::getOwnNonIndexPropertyNames):
      (JSC::JSFunction::defineOwnProperty):
      * runtime/JSFunction.h:
      (JSFunction):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalData.h:
      (JSGlobalData):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::reset):
      * runtime/JSONObject.cpp:
      (JSC::Stringifier::Holder::appendNextProperty):
      (JSC::Walker::walk):
      * runtime/JSObject.cpp:
      (JSC):
      (JSC::JSObject::visitButterfly):
      (JSC::JSObject::visitChildren):
      (JSC::JSFinalObject::visitChildren):
      (JSC::JSObject::getOwnPropertySlotByIndex):
      (JSC::JSObject::put):
      (JSC::JSObject::putByIndex):
      (JSC::JSObject::enterDictionaryIndexingModeWhenArrayStorageAlreadyExists):
      (JSC::JSObject::enterDictionaryIndexingMode):
      (JSC::JSObject::createArrayStorage):
      (JSC::JSObject::createInitialArrayStorage):
      (JSC::JSObject::ensureArrayStorageExistsAndEnterDictionaryIndexingMode):
      (JSC::JSObject::putDirectAccessor):
      (JSC::JSObject::deleteProperty):
      (JSC::JSObject::deletePropertyByIndex):
      (JSC::JSObject::getOwnPropertyNames):
      (JSC::JSObject::getOwnNonIndexPropertyNames):
      (JSC::JSObject::preventExtensions):
      (JSC::JSObject::fillGetterPropertySlot):
      (JSC::JSObject::putIndexedDescriptor):
      (JSC::JSObject::defineOwnIndexedProperty):
      (JSC::JSObject::allocateSparseIndexMap):
      (JSC::JSObject::deallocateSparseIndexMap):
      (JSC::JSObject::putByIndexBeyondVectorLengthWithArrayStorage):
      (JSC::JSObject::putByIndexBeyondVectorLength):
      (JSC::JSObject::putDirectIndexBeyondVectorLengthWithArrayStorage):
      (JSC::JSObject::putDirectIndexBeyondVectorLength):
      (JSC::JSObject::getNewVectorLength):
      (JSC::JSObject::increaseVectorLength):
      (JSC::JSObject::checkIndexingConsistency):
      (JSC::JSObject::growOutOfLineStorage):
      (JSC::JSObject::getOwnPropertyDescriptor):
      (JSC::putDescriptor):
      (JSC::JSObject::putDirectMayBeIndex):
      (JSC::JSObject::defineOwnNonIndexProperty):
      (JSC::JSObject::defineOwnProperty):
      (JSC::JSObject::getOwnPropertySlotSlow):
      * runtime/JSObject.h:
      (JSC::JSObject::getArrayLength):
      (JSObject):
      (JSC::JSObject::getVectorLength):
      (JSC::JSObject::putDirectIndex):
      (JSC::JSObject::canGetIndexQuickly):
      (JSC::JSObject::getIndexQuickly):
      (JSC::JSObject::canSetIndexQuickly):
      (JSC::JSObject::setIndexQuickly):
      (JSC::JSObject::initializeIndex):
      (JSC::JSObject::completeInitialization):
      (JSC::JSObject::inSparseIndexingMode):
      (JSC::JSObject::butterfly):
      (JSC::JSObject::outOfLineStorage):
      (JSC::JSObject::offsetForLocation):
      (JSC::JSObject::indexingShouldBeSparse):
      (JSC::JSObject::butterflyOffset):
      (JSC::JSObject::butterflyAddress):
      (JSC::JSObject::arrayStorage):
      (JSC::JSObject::arrayStorageOrZero):
      (JSC::JSObject::ensureArrayStorage):
      (JSC::JSObject::checkIndexingConsistency):
      (JSC::JSNonFinalObject::JSNonFinalObject):
      (JSC):
      (JSC::JSObject::setButterfly):
      (JSC::JSObject::setButterflyWithoutChangingStructure):
      (JSC::JSObject::JSObject):
      (JSC::JSObject::inlineGetOwnPropertySlot):
      (JSC::JSObject::putDirectInternal):
      (JSC::JSObject::setStructureAndReallocateStorageIfNecessary):
      (JSC::JSObject::putDirectWithoutTransition):
      (JSC::offsetInButterfly):
      (JSC::offsetRelativeToPatchedStorage):
      (JSC::indexRelativeToBase):
      (JSC::offsetRelativeToBase):
      * runtime/JSPropertyNameIterator.cpp:
      (JSC::JSPropertyNameIterator::create):
      * runtime/JSSymbolTableObject.cpp:
      (JSC::JSSymbolTableObject::getOwnNonIndexPropertyNames):
      * runtime/JSSymbolTableObject.h:
      (JSSymbolTableObject):
      * runtime/JSTypeInfo.h:
      (JSC):
      (JSC::TypeInfo::interceptsGetOwnPropertySlotByIndexEvenWhenLengthIsNotZero):
      (JSC::TypeInfo::overridesGetPropertyNames):
      * runtime/LiteralParser.cpp:
      (JSC::::parse):
      * runtime/ObjectConstructor.cpp:
      * runtime/ObjectPrototype.cpp:
      (JSC::ObjectPrototype::ObjectPrototype):
      (JSC):
      * runtime/ObjectPrototype.h:
      (ObjectPrototype):
      * runtime/PropertyOffset.h:
      (JSC::offsetInOutOfLineStorage):
      * runtime/PropertyStorage.h: Added.
      (JSC):
      * runtime/PutDirectIndexMode.h: Added.
      (JSC):
      * runtime/RegExpMatchesArray.cpp:
      (JSC::RegExpMatchesArray::RegExpMatchesArray):
      (JSC):
      (JSC::RegExpMatchesArray::create):
      (JSC::RegExpMatchesArray::finishCreation):
      * runtime/RegExpMatchesArray.h:
      (RegExpMatchesArray):
      (JSC::RegExpMatchesArray::createStructure):
      * runtime/RegExpObject.cpp:
      (JSC::RegExpObject::getOwnNonIndexPropertyNames):
      * runtime/RegExpObject.h:
      (RegExpObject):
      * runtime/Reject.h: Added.
      (JSC):
      (JSC::reject):
      * runtime/SparseArrayValueMap.cpp: Added.
      (JSC):
      * runtime/SparseArrayValueMap.h: Added.
      (JSC):
      (SparseArrayEntry):
      (JSC::SparseArrayEntry::SparseArrayEntry):
      (SparseArrayValueMap):
      (JSC::SparseArrayValueMap::sparseMode):
      (JSC::SparseArrayValueMap::setSparseMode):
      (JSC::SparseArrayValueMap::lengthIsReadOnly):
      (JSC::SparseArrayValueMap::setLengthIsReadOnly):
      (JSC::SparseArrayValueMap::find):
      (JSC::SparseArrayValueMap::remove):
      (JSC::SparseArrayValueMap::notFound):
      (JSC::SparseArrayValueMap::isEmpty):
      (JSC::SparseArrayValueMap::contains):
      (JSC::SparseArrayValueMap::size):
      (JSC::SparseArrayValueMap::begin):
      (JSC::SparseArrayValueMap::end):
      * runtime/SparseArrayValueMapInlineMethods.h: Added.
      (JSC):
      (JSC::SparseArrayValueMap::SparseArrayValueMap):
      (JSC::SparseArrayValueMap::~SparseArrayValueMap):
      (JSC::SparseArrayValueMap::finishCreation):
      (JSC::SparseArrayValueMap::create):
      (JSC::SparseArrayValueMap::destroy):
      (JSC::SparseArrayValueMap::createStructure):
      (JSC::SparseArrayValueMap::add):
      (JSC::SparseArrayValueMap::putEntry):
      (JSC::SparseArrayValueMap::putDirect):
      (JSC::SparseArrayEntry::get):
      (JSC::SparseArrayEntry::getNonSparseMode):
      (JSC::SparseArrayValueMap::visitChildren):
      * runtime/StorageBarrier.h: Removed.
      * runtime/StringObject.cpp:
      (JSC::StringObject::putByIndex):
      (JSC):
      (JSC::StringObject::deletePropertyByIndex):
      * runtime/StringObject.h:
      (StringObject):
      * runtime/StringPrototype.cpp:
      * runtime/Structure.cpp:
      (JSC::Structure::Structure):
      (JSC::Structure::materializePropertyMap):
      (JSC::Structure::nonPropertyTransition):
      (JSC):
      * runtime/Structure.h:
      (Structure):
      (JSC::Structure::indexingType):
      (JSC::Structure::indexingTypeIncludingHistory):
      (JSC::Structure::indexingTypeOffset):
      (JSC::Structure::create):
      * runtime/StructureTransitionTable.h:
      (JSC):
      (JSC::toAttributes):
      (JSC::newIndexingType):
      (JSC::StructureTransitionTable::Hash::hash):
      * tests/mozilla/js1_6/Array/regress-304828.js:
      
      Source/WebCore: 
      
      Teach the DOM that to intercept get/put on indexed properties, you now have
      to override getOwnPropertySlotByIndex and putByIndex.
      
      No new tests because no new behavior. One test was rebased because indexed
      property iteration order now matches other engines (indexed properties always
      come first).
      
      * bindings/js/ArrayValue.cpp:
      (WebCore::ArrayValue::get):
      * bindings/js/JSBlobCustom.cpp:
      (WebCore::JSBlobConstructor::constructJSBlob):
      * bindings/js/JSCanvasRenderingContext2DCustom.cpp:
      (WebCore::JSCanvasRenderingContext2D::setWebkitLineDash):
      * bindings/js/JSDOMStringListCustom.cpp:
      (WebCore::toDOMStringList):
      * bindings/js/JSDOMStringMapCustom.cpp:
      (WebCore::JSDOMStringMap::deletePropertyByIndex):
      (WebCore):
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::JSDOMWindow::getOwnPropertySlot):
      (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
      (WebCore):
      (WebCore::JSDOMWindow::putByIndex):
      (WebCore::JSDOMWindow::deletePropertyByIndex):
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore::JSDOMWindowShell::getOwnPropertySlotByIndex):
      (WebCore):
      (WebCore::JSDOMWindowShell::putByIndex):
      (WebCore::JSDOMWindowShell::deletePropertyByIndex):
      * bindings/js/JSDOMWindowShell.h:
      (JSDOMWindowShell):
      * bindings/js/JSHistoryCustom.cpp:
      (WebCore::JSHistory::deletePropertyByIndex):
      (WebCore):
      * bindings/js/JSInspectorFrontendHostCustom.cpp:
      (WebCore::populateContextMenuItems):
      * bindings/js/JSLocationCustom.cpp:
      (WebCore::JSLocation::deletePropertyByIndex):
      (WebCore):
      * bindings/js/JSStorageCustom.cpp:
      (WebCore::JSStorage::deletePropertyByIndex):
      (WebCore):
      * bindings/js/JSWebSocketCustom.cpp:
      (WebCore::JSWebSocketConstructor::constructJSWebSocket):
      * bindings/js/ScriptValue.cpp:
      (WebCore::jsToInspectorValue):
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneSerializer::serialize):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
      (GenerateImplementation):
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::RuntimeArray):
      * bridge/runtime_array.h:
      (JSC::RuntimeArray::createStructure):
      (RuntimeArray):
      
      LayoutTests: 
      
      Modify the JSON test to indicate that iterating over properties now returns
      indexed properties first. This is a behavior change that makes us more
      compliant with other implementations.
              
      Also check in new expected file for the edge cases of indexed property access
      with prototype accessors. This changeset introduces a known regression in that
      department, which is tracked here: https://bugs.webkit.org/show_bug.cgi?id=96596
      
      * fast/js/resources/JSON-stringify.js:
      * platform/mac/fast/js/primitive-property-access-edge-cases-expected.txt: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128400 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d8dd0535
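The bidirectional layout described in the commit message above, modelled as a small C program. This is an added illustration, not WebKit code: the `*Model` types, the helper names, the 8-byte slot size, the split of the 8-byte header into two 32-bit fields, and the right-to-left ordering of named slots are assumptions; only the names `publicLength` and `vectorLength` are taken from the change list.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed model: one allocation holds, from low to high addresses,
 *   [named slot n-1] ... [named slot 0] [indexing header] [index 0] [index 1] ...
 * and the object keeps a single pointer to [index 0]. */
typedef uint64_t Slot;

typedef struct {
    uint32_t publicLength;  /* indexed elements visible to script */
    uint32_t vectorLength;  /* indexed slots actually allocated */
} IndexingHeaderModel;

typedef struct {
    void    *base;          /* start of the allocation (kept only for free/checks) */
    Slot    *butterfly;     /* points at indexed slot 0 */
    uint32_t namedCapacity; /* out-of-line named slots to the left */
} ObjectModel;

/* The header is the 8-byte word immediately left of the pointed-to location. */
static IndexingHeaderModel *header_of(const ObjectModel *o) {
    return (IndexingHeaderModel *)((uint8_t *)o->butterfly - sizeof(IndexingHeaderModel));
}

static int object_init(ObjectModel *o, uint32_t namedCapacity, uint32_t vectorLength) {
    size_t left  = (size_t)namedCapacity * sizeof(Slot) + sizeof(IndexingHeaderModel);
    size_t right = (size_t)vectorLength * sizeof(Slot);
    uint8_t *base = calloc(1, left + right);
    if (!base) return -1;
    o->base = base;
    o->butterfly = (Slot *)(base + left);
    o->namedCapacity = namedCapacity;
    header_of(o)->publicLength = 0;
    header_of(o)->vectorLength = vectorLength;
    return 0;
}

/* Named slot i lives to the left of the header; NULL if i is out of range. */
static Slot *named_slot(const ObjectModel *o, uint32_t i) {
    if (i >= o->namedCapacity) return NULL;
    return (Slot *)header_of(o) - (i + 1);
}

/* Fast-path indexed store: only valid inside the allocated vector.
 * Anything else must take a slow path (regrow), modelled here as a refusal. */
static int put_index(ObjectModel *o, uint32_t i, Slot v) {
    IndexingHeaderModel *h = header_of(o);
    if (i >= h->vectorLength) return -1;
    o->butterfly[i] = v;
    if (i >= h->publicLength) h->publicLength = i + 1;
    return 0;
}

/* Indexed load, bounded by the length stored in the inline header. */
static int get_index(const ObjectModel *o, uint32_t i, Slot *out) {
    if (i >= header_of(o)->publicLength) return -1;
    *out = o->butterfly[i];
    return 0;
}

/* Walks the layout invariants; returns 0 when all of them hold. */
int layout_selfcheck(void) {
    ObjectModel o;
    Slot v = 0;
    int rc = 0;
    if (object_init(&o, 2, 4) != 0) return 1;
    *named_slot(&o, 0) = 0xAAAA;
    *named_slot(&o, 1) = 0xBBBB;
    if ((void *)named_slot(&o, 1) != o.base) rc = 2;           /* leftmost named slot starts the block */
    else if (named_slot(&o, 0) != o.butterfly - 2) rc = 3;     /* named slot 0 is two words left */
    else if ((void *)header_of(&o) != (void *)(o.butterfly - 1)) rc = 4;
    else if (named_slot(&o, 2) != NULL) rc = 5;                /* named access is bounded */
    else if (put_index(&o, 0, 10) || put_index(&o, 3, 13)) rc = 6;
    else if (put_index(&o, 4, 14) != -1) rc = 7;               /* beyond vectorLength is refused */
    else if (header_of(&o)->publicLength != 4) rc = 8;
    else if (get_index(&o, 3, &v) || v != 13) rc = 9;
    else if (get_index(&o, 4, &v) != -1) rc = 10;              /* beyond publicLength is refused */
    else if (*named_slot(&o, 0) != 0xAAAA || *named_slot(&o, 1) != 0xBBBB) rc = 11;
    free(o.base);
    return rc;
}

int main(void) {
    int rc = layout_selfcheck();
    printf("layout self-check: %s (code %d)\n", rc == 0 ? "ok" : "FAILED", rc);
    return rc;
}
```

In this model the two lengths that bound indexed access sit in the same allocation as the data they describe, so the comparisons in `put_index` and `get_index` are the only thing separating the indexed region from the header and the named slots.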
  21. 01 Sep, 2012 1 commit
    • fpizlo@apple.com's avatar
      JSArray::putDirectIndex should by default behave like JSObject::putDirect · 3fbbc4f8
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=95630
      
      Reviewed by Gavin Barraclough.
      
      Source/JavaScriptCore: 
      
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::privateExecute):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * jsc.cpp:
      (GlobalObject::finishCreation):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * runtime/JSArray.cpp:
      (JSC::SparseArrayValueMap::putDirect):
      (JSC::JSArray::defineOwnNumericProperty):
      (JSC::JSArray::putDirectIndexBeyondVectorLength):
      * runtime/JSArray.h:
      (SparseArrayValueMap):
      (JSArray):
      (JSC::JSArray::putDirectIndex):
      * runtime/JSONObject.cpp:
      (JSC::Walker::walk):
      * runtime/RegExpMatchesArray.cpp:
      (JSC::RegExpMatchesArray::reifyAllProperties):
      (JSC::RegExpMatchesArray::reifyMatchProperty):
      * runtime/StringPrototype.cpp:
      (JSC::splitStringByOneCharacterImpl):
      (JSC::stringProtoFuncSplit):
      
      Source/WebCore: 
      
      No new tests because no change in behavior.
      
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneDeserializer::putProperty):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127349 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3fbbc4f8
  22. 30 Aug, 2012 2 commits
  23. 26 Jul, 2012 1 commit
  24. 26 Jun, 2012 1 commit
    • fpizlo@apple.com's avatar
      DFG::operationNewArray is unnecessarily slow, and may use the wrong array · 6c89cd3f
      fpizlo@apple.com authored
      prototype when inlined
      https://bugs.webkit.org/show_bug.cgi?id=89821
      
      Source/JavaScriptCore: 
      
      Reviewed by Geoffrey Garen.
              
      Fixes all array allocations to use the right structure, and hence the right prototype. Adds
      inlining of new Array(...) with a non-zero number of arguments. Optimizes allocations of
      empty arrays.
      
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::handleConstantInternalFunction):
      * dfg/DFGCCallHelpers.h:
      (JSC::DFG::CCallHelpers::setupArgumentsWithExecState):
      (CCallHelpers):
      * dfg/DFGNodeType.h:
      (DFG):
      * dfg/DFGOperations.cpp:
      * dfg/DFGOperations.h:
      * dfg/DFGPredictionPropagationPhase.cpp:
      (JSC::DFG::PredictionPropagationPhase::propagate):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::callOperation):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * runtime/JSArray.h:
      (JSC):
      (JSC::constructArray):
      * runtime/JSGlobalObject.h:
      (JSC):
      (JSC::constructArray):
      
      LayoutTests: 
      
      Rubber stamped by Geoffrey Garen.
      
      * fast/js/dfg-cross-global-object-inline-new-array-expected.txt: Added.
      * fast/js/dfg-cross-global-object-inline-new-array-literal-expected.txt: Added.
      * fast/js/dfg-cross-global-object-inline-new-array-literal-with-variables-expected.txt: Added.
      * fast/js/dfg-cross-global-object-inline-new-array-literal-with-variables.html: Added.
      * fast/js/dfg-cross-global-object-inline-new-array-literal.html: Added.
      * fast/js/dfg-cross-global-object-inline-new-array-with-elements-expected.txt: Added.
      * fast/js/dfg-cross-global-object-inline-new-array-with-elements.html: Added.
      * fast/js/dfg-cross-global-object-inline-new-array-with-size-expected.txt: Added.
      * fast/js/dfg-cross-global-object-inline-new-array-with-size.html: Added.
      * fast/js/dfg-cross-global-object-inline-new-array.html: Added.
      * fast/js/script-tests/cross-global-object-inline-global-var.js:
      (done):
      * fast/js/script-tests/dfg-cross-global-object-inline-new-array-literal-with-variables.js: Added.
      (foo):
      (done):
      (doit):
      * fast/js/script-tests/dfg-cross-global-object-inline-new-array-literal.js: Added.
      (foo):
      (done):
      (doit):
      * fast/js/script-tests/dfg-cross-global-object-inline-new-array-with-elements.js: Added.
      (foo):
      (done):
      (doit):
      * fast/js/script-tests/dfg-cross-global-object-inline-new-array-with-size.js: Added.
      (foo):
      (done):
      (doit):
      * fast/js/script-tests/dfg-cross-global-object-inline-new-array.js: Added.
      (foo):
      (done):
      (doit):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121280 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      6c89cd3f
  25. 12 May, 2012 1 commit
    • barraclough@apple.com's avatar
      Introduce PropertyName class · 38d3c75b
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=86241
      
      Reviewed by Geoff Garen.
      
      Replace 'const Identifier&' arguments to functions accessing object properties with a new 'PropertyName' type.
      This change paves the way to allow for properties keyed by values that are not Identifiers.
      
      This change is largely a mechanical find & replace.
      It also changes JSFunction's constructor to take a UString& instead of an Identifier&
      (since in some cases we can no longer guarantee that we'll have an Identifier), and
      unifies Identifier's methods to obtain array indices onto PropertyName.
      
      The new PropertyName class retains the ability to support .impl() and .ustring(), but
      in a future patch we may need to rework this, since not all PropertyNames should be
      equal based on their string representation.
      
      Source/JavaScriptCore: 
      
      * API/JSCallbackFunction.cpp:
      (JSC::JSCallbackFunction::finishCreation):
      * API/JSCallbackFunction.h:
      (JSCallbackFunction):
      (JSC::JSCallbackFunction::create):
      * API/JSCallbackObject.h:
      (JSCallbackObject):
      * API/JSCallbackObjectFunctions.h:
      (JSC::::getOwnPropertySlot):
      (JSC::::getOwnPropertyDescriptor):
      (JSC::::put):
      (JSC::::deleteProperty):
      (JSC::::getStaticValue):
      (JSC::::staticFunctionGetter):
      (JSC::::callbackGetter):
      * API/JSObjectRef.cpp:
      (JSObjectMakeFunctionWithCallback):
      * JSCTypedArrayStubs.h:
      (JSC):
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::getOwnPropertySlot):
      (JSC::DebuggerActivation::put):
      (JSC::DebuggerActivation::putDirectVirtual):
      (JSC::DebuggerActivation::deleteProperty):
      (JSC::DebuggerActivation::getOwnPropertyDescriptor):
      (JSC::DebuggerActivation::defineOwnProperty):
      * debugger/DebuggerActivation.h:
      (DebuggerActivation):
      * jsc.cpp:
      (GlobalObject::addFunction):
      (GlobalObject::addConstructableFunction):
      * runtime/Arguments.cpp:
      (JSC::Arguments::getOwnPropertySlot):
      (JSC::Arguments::getOwnPropertyDescriptor):
      (JSC::Arguments::put):
      (JSC::Arguments::deleteProperty):
      (JSC::Arguments::defineOwnProperty):
      * runtime/Arguments.h:
      (Arguments):
      * runtime/ArrayConstructor.cpp:
      (JSC::ArrayConstructor::finishCreation):
      (JSC::ArrayConstructor::getOwnPropertySlot):
      (JSC::ArrayConstructor::getOwnPropertyDescriptor):
      * runtime/ArrayConstructor.h:
      (ArrayConstructor):
      * runtime/ArrayPrototype.cpp:
      (JSC::ArrayPrototype::getOwnPropertySlot):
      (JSC::ArrayPrototype::getOwnPropertyDescriptor):
      (JSC::putProperty):
      * runtime/ArrayPrototype.h:
      (ArrayPrototype):
      * runtime/BooleanConstructor.cpp:
      (JSC::BooleanConstructor::finishCreation):
      * runtime/BooleanPrototype.cpp:
      (JSC::BooleanPrototype::getOwnPropertySlot):
      (JSC::BooleanPrototype::getOwnPropertyDescriptor):
      * runtime/BooleanPrototype.h:
      (BooleanPrototype):
      * runtime/ClassInfo.h:
      (MethodTable):
      * runtime/DateConstructor.cpp:
      (JSC::DateConstructor::finishCreation):
      (JSC::DateConstructor::getOwnPropertySlot):
      (JSC::DateConstructor::getOwnPropertyDescriptor):
      * runtime/DateConstructor.h:
      (DateConstructor):
      * runtime/DatePrototype.cpp:
      (JSC::DatePrototype::getOwnPropertySlot):
      (JSC::DatePrototype::getOwnPropertyDescriptor):
      * runtime/DatePrototype.h:
      (DatePrototype):
      * runtime/Error.h:
      (JSC::StrictModeTypeErrorFunction::create):
      * runtime/ErrorConstructor.cpp:
      (JSC::ErrorConstructor::finishCreation):
      * runtime/ErrorPrototype.cpp:
      (JSC::ErrorPrototype::getOwnPropertySlot):
      (JSC::ErrorPrototype::getOwnPropertyDescriptor):
      * runtime/ErrorPrototype.h:
      (ErrorPrototype):
      * runtime/FunctionConstructor.cpp:
      (JSC::FunctionConstructor::finishCreation):
      * runtime/FunctionPrototype.cpp:
      (JSC::FunctionPrototype::finishCreation):
      (JSC::FunctionPrototype::addFunctionProperties):
      (JSC::functionProtoFuncBind):
      * runtime/FunctionPrototype.h:
      (JSC::FunctionPrototype::create):
      (FunctionPrototype):
      * runtime/Identifier.cpp:
      (JSC):
      * runtime/Identifier.h:
      (Identifier):
      * runtime/InternalFunction.cpp:
      (JSC::InternalFunction::finishCreation):
      * runtime/InternalFunction.h:
      (InternalFunction):
      * runtime/JSActivation.cpp:
      (JSC::JSActivation::symbolTableGet):
      (JSC::JSActivation::symbolTablePut):
      (JSC::JSActivation::symbolTablePutWithAttributes):
      (JSC::JSActivation::getOwnPropertySlot):
      (JSC::JSActivation::put):
      (JSC::JSActivation::putDirectVirtual):
      (JSC::JSActivation::deleteProperty):
      (JSC::JSActivation::argumentsGetter):
      * runtime/JSActivation.h:
      (JSActivation):
      * runtime/JSArray.cpp:
      (JSC::JSArray::defineOwnProperty):
      (JSC::JSArray::getOwnPropertySlot):
      (JSC::JSArray::getOwnPropertyDescriptor):
      (JSC::JSArray::put):
      (JSC::JSArray::deleteProperty):
      * runtime/JSArray.h:
      (JSArray):
      (JSC):
      * runtime/JSBoundFunction.cpp:
      (JSC::JSBoundFunction::create):
      (JSC::JSBoundFunction::finishCreation):
      * runtime/JSBoundFunction.h:
      (JSBoundFunction):
      * runtime/JSCell.cpp:
      (JSC::JSCell::getOwnPropertySlot):
      (JSC::JSCell::put):
      (JSC::JSCell::deleteProperty):
      (JSC::JSCell::putDirectVirtual):
      (JSC::JSCell::defineOwnProperty):
      (JSC::JSCell::getOwnPropertyDescriptor):
      * runtime/JSCell.h:
      (JSCell):
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::create):
      (JSC::JSFunction::finishCreation):
      (JSC::JSFunction::argumentsGetter):
      (JSC::JSFunction::callerGetter):
      (JSC::JSFunction::lengthGetter):
      (JSC::JSFunction::getOwnPropertySlot):
      (JSC::JSFunction::getOwnPropertyDescriptor):
      (JSC::JSFunction::put):
      (JSC::JSFunction::deleteProperty):
      (JSC::JSFunction::defineOwnProperty):
      (JSC::getCalculatedDisplayName):
      * runtime/JSFunction.h:
      (JSFunction):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::put):
      (JSC::JSGlobalObject::putDirectVirtual):
      (JSC::JSGlobalObject::defineOwnProperty):
      (JSC::JSGlobalObject::reset):
      (JSC::JSGlobalObject::createThrowTypeError):
      (JSC::JSGlobalObject::getOwnPropertySlot):
      (JSC::JSGlobalObject::getOwnPropertyDescriptor):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::hasOwnPropertyForWrite):
      (JSC::JSGlobalObject::symbolTableHasProperty):
      * runtime/JSNotAnObject.cpp:
      (JSC::JSNotAnObject::getOwnPropertySlot):
      (JSC::JSNotAnObject::getOwnPropertyDescriptor):
      (JSC::JSNotAnObject::put):
      (JSC::JSNotAnObject::deleteProperty):
      * runtime/JSNotAnObject.h:
      (JSNotAnObject):
      * runtime/JSONObject.cpp:
      (JSC::JSONObject::getOwnPropertySlot):
      (JSC::JSONObject::getOwnPropertyDescriptor):
      * runtime/JSONObject.h:
      (JSONObject):
      * runtime/JSObject.cpp:
      (JSC::JSObject::put):
      (JSC::JSObject::putDirectVirtual):
      (JSC::JSObject::putDirectAccessor):
      (JSC::JSObject::hasProperty):
      (JSC::JSObject::deleteProperty):
      (JSC::JSObject::hasOwnProperty):
      (JSC::callDefaultValueFunction):
      (JSC::JSObject::findPropertyHashEntry):
      (JSC::JSObject::getPropertySpecificValue):
      (JSC::JSObject::removeDirect):
      (JSC::JSObject::getOwnPropertyDescriptor):
      (JSC::JSObject::getPropertyDescriptor):
      (JSC::putDescriptor):
      (JSC::JSObject::defineOwnProperty):
      * runtime/JSObject.h:
      (JSObject):
      (JSC::JSObject::getDirect):
      (JSC::JSObject::getDirectLocation):
      (JSC::JSObject::inlineGetOwnPropertySlot):
      (JSC::JSObject::getOwnPropertySlot):
      (JSC::JSCell::fastGetOwnPropertySlot):
      (JSC::JSObject::getPropertySlot):
      (JSC::JSObject::get):
      (JSC::JSObject::putDirectInternal):
      (JSC::JSObject::putOwnDataProperty):
      (JSC::JSObject::putDirect):
      (JSC::JSObject::putDirectWithoutTransition):
      (JSC::JSValue::get):
      (JSC::JSValue::put):
      * runtime/JSStaticScopeObject.cpp:
      (JSC::JSStaticScopeObject::put):
      (JSC::JSStaticScopeObject::putDirectVirtual):
      (JSC::JSStaticScopeObject::getOwnPropertySlot):
      * runtime/JSStaticScopeObject.h:
      (JSStaticScopeObject):
      * runtime/JSString.cpp:
      (JSC::JSString::getOwnPropertySlot):
      (JSC::JSString::getStringPropertyDescriptor):
      * runtime/JSString.h:
      (JSString):
      (JSC::JSString::getStringPropertySlot):
      * runtime/JSValue.cpp:
      (JSC::JSValue::putToPrimitive):
      * runtime/JSValue.h:
      (JSC):
      (JSValue):
      * runtime/JSVariableObject.cpp:
      (JSC::JSVariableObject::deleteProperty):
      (JSC::JSVariableObject::symbolTableGet):
      (JSC::JSVariableObject::putDirectVirtual):
      * runtime/JSVariableObject.h:
      (JSVariableObject):
      (JSC::JSVariableObject::symbolTableGet):
      (JSC::JSVariableObject::symbolTablePut):
      (JSC::JSVariableObject::symbolTablePutWithAttributes):
      * runtime/Lookup.cpp:
      (JSC::setUpStaticFunctionSlot):
      * runtime/Lookup.h:
      (JSC::HashTable::entry):
      (JSC):
      (JSC::getStaticPropertySlot):
      (JSC::getStaticPropertyDescriptor):
      (JSC::getStaticFunctionSlot):
      (JSC::getStaticFunctionDescriptor):
      (JSC::getStaticValueSlot):
      (JSC::getStaticValueDescriptor):
      (JSC::lookupPut):
      * runtime/MathObject.cpp:
      (JSC::MathObject::getOwnPropertySlot):
      (JSC::MathObject::getOwnPropertyDescriptor):
      * runtime/MathObject.h:
      (MathObject):
      * runtime/NativeErrorConstructor.h:
      (JSC::NativeErrorConstructor::finishCreation):
      * runtime/NumberConstructor.cpp:
      (JSC):
      (JSC::NumberConstructor::finishCreation):
      (JSC::NumberConstructor::getOwnPropertySlot):
      (JSC::NumberConstructor::getOwnPropertyDescriptor):
      (JSC::NumberConstructor::put):
      (JSC::numberConstructorNaNValue):
      (JSC::numberConstructorNegInfinity):
      (JSC::numberConstructorPosInfinity):
      (JSC::numberConstructorMaxValue):
      (JSC::numberConstructorMinValue):
      * runtime/NumberConstructor.h:
      (NumberConstructor):
      * runtime/NumberPrototype.cpp:
      (JSC::NumberPrototype::getOwnPropertySlot):
      (JSC::NumberPrototype::getOwnPropertyDescriptor):
      * runtime/NumberPrototype.h:
      (NumberPrototype):
      * runtime/ObjectConstructor.cpp:
      (JSC::ObjectConstructor::finishCreation):
      (JSC::ObjectConstructor::getOwnPropertySlot):
      (JSC::ObjectConstructor::getOwnPropertyDescriptor):
      * runtime/ObjectConstructor.h:
      (ObjectConstructor):
      * runtime/ObjectPrototype.cpp:
      (JSC::ObjectPrototype::put):
      (JSC::ObjectPrototype::defineOwnProperty):
      (JSC::ObjectPrototype::getOwnPropertySlot):
      (JSC::ObjectPrototype::getOwnPropertyDescriptor):
      * runtime/ObjectPrototype.h:
      (ObjectPrototype):
      * runtime/PropertySlot.h:
      (PropertySlot):
      (JSC::PropertySlot::getValue):
      * runtime/RegExpConstructor.cpp:
      (JSC):
      (JSC::RegExpConstructor::finishCreation):
      (JSC::RegExpConstructor::getOwnPropertySlot):
      (JSC::RegExpConstructor::getOwnPropertyDescriptor):
      (JSC::regExpConstructorDollar1):
      (JSC::regExpConstructorDollar2):
      (JSC::regExpConstructorDollar3):
      (JSC::regExpConstructorDollar4):
      (JSC::regExpConstructorDollar5):
      (JSC::regExpConstructorDollar6):
      (JSC::regExpConstructorDollar7):
      (JSC::regExpConstructorDollar8):
      (JSC::regExpConstructorDollar9):
      (JSC::regExpConstructorInput):
      (JSC::regExpConstructorMultiline):
      (JSC::regExpConstructorLastMatch):
      (JSC::regExpConstructorLastParen):
      (JSC::regExpConstructorLeftContext):
      (JSC::regExpConstructorRightContext):
      (JSC::RegExpConstructor::put):
      * runtime/RegExpConstructor.h:
      (RegExpConstructor):
      * runtime/RegExpMatchesArray.h:
      (JSC::RegExpMatchesArray::getOwnPropertySlot):
      (JSC::RegExpMatchesArray::getOwnPropertyDescriptor):
      (JSC::RegExpMatchesArray::put):
      (JSC::RegExpMatchesArray::deleteProperty):
      (JSC::RegExpMatchesArray::defineOwnProperty):
      * runtime/RegExpObject.cpp:
      (JSC):
      (JSC::RegExpObject::getOwnPropertySlot):
      (JSC::RegExpObject::getOwnPropertyDescriptor):
      (JSC::RegExpObject::deleteProperty):
      (JSC::RegExpObject::defineOwnProperty):
      (JSC::regExpObjectGlobal):
      (JSC::regExpObjectIgnoreCase):
      (JSC::regExpObjectMultiline):
      (JSC::regExpObjectSource):
      (JSC::RegExpObject::put):
      * runtime/RegExpObject.h:
      (RegExpObject):
      * runtime/RegExpPrototype.cpp:
      (JSC::RegExpPrototype::getOwnPropertySlot):
      (JSC::RegExpPrototype::getOwnPropertyDescriptor):
      * runtime/RegExpPrototype.h:
      (RegExpPrototype):
      * runtime/StrictEvalActivation.cpp:
      (JSC::StrictEvalActivation::deleteProperty):
      * runtime/StrictEvalActivation.h:
      (StrictEvalActivation):
      * runtime/StringConstructor.cpp:
      (JSC::StringConstructor::finishCreation):
      (JSC::StringConstructor::getOwnPropertySlot):
      (JSC::StringConstructor::getOwnPropertyDescriptor):
      * runtime/StringConstructor.h:
      (StringConstructor):
      * runtime/StringObject.cpp:
      (JSC::StringObject::getOwnPropertySlot):
      (JSC::StringObject::getOwnPropertyDescriptor):
      (JSC::StringObject::put):
      (JSC::StringObject::defineOwnProperty):
      (JSC::StringObject::deleteProperty):
      * runtime/StringObject.h:
      (StringObject):
      * runtime/StringPrototype.cpp:
      (JSC::StringPrototype::getOwnPropertySlot):
      (JSC::StringPrototype::getOwnPropertyDescriptor):
      * runtime/StringPrototype.h:
      (StringPrototype):
      * runtime/Structure.cpp:
      (JSC::Structure::despecifyDictionaryFunction):
      (JSC::Structure::addPropertyTransitionToExistingStructure):
      (JSC::Structure::addPropertyTransition):
      (JSC::Structure::removePropertyTransition):
      (JSC::Structure::despecifyFunctionTransition):
      (JSC::Structure::attributeChangeTransition):
      (JSC::Structure::addPropertyWithoutTransition):
      (JSC::Structure::removePropertyWithoutTransition):
      (JSC::Structure::get):
      (JSC::Structure::despecifyFunction):
      (JSC::Structure::putSpecificValue):
      (JSC::Structure::remove):
      * runtime/Structure.h:
      (Structure):
      (JSC::Structure::get):
      
      Source/WebCore: 
      
      * WebCore.exp.in:
      * bindings/js/JSCSSStyleDeclarationCustom.cpp:
      (WebCore::cssPropertyIDForJSCSSPropertyName):
      (WebCore::JSCSSStyleDeclaration::getOwnPropertySlotDelegate):
      (WebCore::JSCSSStyleDeclaration::getOwnPropertyDescriptorDelegate):
      (WebCore::JSCSSStyleDeclaration::putDelegate):
      * bindings/js/JSDOMBinding.cpp:
      (WebCore::findAtomicString):
      (WebCore::objectToStringFunctionGetter):
      * bindings/js/JSDOMBinding.h:
      (WebCore):
      (WebCore::propertyNameToString):
      (WebCore::propertyNameToAtomicString):
      * bindings/js/JSDOMMimeTypeArrayCustom.cpp:
      (WebCore::JSDOMMimeTypeArray::canGetItemsForName):
      (WebCore::JSDOMMimeTypeArray::nameGetter):
      * bindings/js/JSDOMPluginArrayCustom.cpp:
      (WebCore::JSDOMPluginArray::canGetItemsForName):
      (WebCore::JSDOMPluginArray::nameGetter):
      * bindings/js/JSDOMPluginCustom.cpp:
      (WebCore::JSDOMPlugin::canGetItemsForName):
      (WebCore::JSDOMPlugin::nameGetter):
      * bindings/js/JSDOMStringMapCustom.cpp:
      (WebCore::JSDOMStringMap::canGetItemsForName):
      (WebCore::JSDOMStringMap::nameGetter):
      (WebCore::JSDOMStringMap::deleteProperty):
      (WebCore::JSDOMStringMap::putDelegate):
      * bindings/js/JSDOMWindowCustom.cpp:
      (WebCore::nonCachingStaticFunctionGetter):
      (WebCore::childFrameGetter):
      (WebCore::namedItemGetter):
      (WebCore::JSDOMWindow::getOwnPropertySlot):
      (WebCore::JSDOMWindow::getOwnPropertyDescriptor):
      (WebCore::JSDOMWindow::put):
      (WebCore::JSDOMWindow::deleteProperty):
      (WebCore::JSDOMWindow::defineOwnProperty):
      * bindings/js/JSDOMWindowShell.cpp:
      (WebCore::JSDOMWindowShell::getOwnPropertySlot):
      (WebCore::JSDOMWindowShell::getOwnPropertyDescriptor):
      (WebCore::JSDOMWindowShell::put):
      (WebCore::JSDOMWindowShell::putDirectVirtual):
      (WebCore::JSDOMWindowShell::defineOwnProperty):
      (WebCore::JSDOMWindowShell::deleteProperty):
      * bindings/js/JSDOMWindowShell.h:
      (JSDOMWindowShell):
      * bindings/js/JSHTMLAllCollectionCustom.cpp:
      (WebCore::getNamedItems):
      (WebCore::callHTMLAllCollection):
      (WebCore::JSHTMLAllCollection::canGetItemsForName):
      (WebCore::JSHTMLAllCollection::nameGetter):
      (WebCore::JSHTMLAllCollection::item):
      * bindings/js/JSHTMLAppletElementCustom.cpp:
      (WebCore::JSHTMLAppletElement::getOwnPropertySlotDelegate):
      (WebCore::JSHTMLAppletElement::getOwnPropertyDescriptorDelegate):
      (WebCore::JSHTMLAppletElement::putDelegate):
      * bindings/js/JSHTMLCollectionCustom.cpp:
      (WebCore::getNamedItems):
      (WebCore::JSHTMLCollection::canGetItemsForName):
      (WebCore::JSHTMLCollection::nameGetter):
      * bindings/js/JSHTMLDocumentCustom.cpp:
      (WebCore::JSHTMLDocument::canGetItemsForName):
      (WebCore::JSHTMLDocument::nameGetter):
      * bindings/js/JSHTMLEmbedElementCustom.cpp:
      (WebCore::JSHTMLEmbedElement::getOwnPropertySlotDelegate):
      (WebCore::JSHTMLEmbedElement::getOwnPropertyDescriptorDelegate):
      (WebCore::JSHTMLEmbedElement::putDelegate):
      * bindings/js/JSHTMLFormElementCustom.cpp:
      (WebCore::JSHTMLFormElement::canGetItemsForName):
      (WebCore::JSHTMLFormElement::nameGetter):
      * bindings/js/JSHTMLFrameSetElementCustom.cpp:
      (WebCore::JSHTMLFrameSetElement::canGetItemsForName):
      (WebCore::JSHTMLFrameSetElement::nameGetter):
      * bindings/js/JSHTMLObjectElementCustom.cpp:
      (WebCore::JSHTMLObjectElement::getOwnPropertySlotDelegate):
      (WebCore::JSHTMLObjectElement::getOwnPropertyDescriptorDelegate):
      (WebCore::JSHTMLObjectElement::putDelegate):
      * bindings/js/JSHistoryCustom.cpp:
      (WebCore::nonCachingStaticBackFunctionGetter):
      (WebCore::nonCachingStaticForwardFunctionGetter):
      (WebCore::nonCachingStaticGoFunctionGetter):
      (WebCore::JSHistory::getOwnPropertySlotDelegate):
      (WebCore::JSHistory::getOwnPropertyDescriptorDelegate):
      (WebCore::JSHistory::putDelegate):
      (WebCore::JSHistory::deleteProperty):
      * bindings/js/JSLocationCustom.cpp:
      (WebCore::nonCachingStaticReplaceFunctionGetter):
      (WebCore::nonCachingStaticReloadFunctionGetter):
      (WebCore::nonCachingStaticAssignFunctionGetter):
      (WebCore::JSLocation::getOwnPropertySlotDelegate):
      (WebCore::JSLocation::getOwnPropertyDescriptorDelegate):
      (WebCore::JSLocation::putDelegate):
      (WebCore::JSLocation::deleteProperty):
      (WebCore::JSLocation::defineOwnProperty):
      (WebCore::JSLocationPrototype::putDelegate):
      (WebCore::JSLocationPrototype::defineOwnProperty):
      * bindings/js/JSNamedNodeMapCustom.cpp:
      (WebCore::JSNamedNodeMap::canGetItemsForName):
      (WebCore::JSNamedNodeMap::nameGetter):
      * bindings/js/JSNodeListCustom.cpp:
      (WebCore::JSNodeList::canGetItemsForName):
      (WebCore::JSNodeList::nameGetter):
      * bindings/js/JSPluginElementFunctions.cpp:
      (WebCore::runtimeObjectPropertyGetter):
      (WebCore::runtimeObjectCustomGetOwnPropertySlot):
      (WebCore::runtimeObjectCustomGetOwnPropertyDescriptor):
      (WebCore::runtimeObjectCustomPut):
      * bindings/js/JSPluginElementFunctions.h:
      (WebCore):
      * bindings/js/JSStorageCustom.cpp:
      (WebCore::JSStorage::canGetItemsForName):
      (WebCore::JSStorage::nameGetter):
      (WebCore::JSStorage::deleteProperty):
      (WebCore::JSStorage::putDelegate):
      * bindings/js/JSStyleSheetListCustom.cpp:
      (WebCore::JSStyleSheetList::canGetItemsForName):
      (WebCore::JSStyleSheetList::nameGetter):
      * bindings/js/JSWorkerContextCustom.cpp:
      (WebCore::JSWorkerContext::getOwnPropertySlotDelegate):
      (WebCore::JSWorkerContext::getOwnPropertyDescriptorDelegate):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateGetOwnPropertySlotBody):
      (GenerateGetOwnPropertyDescriptorBody):
      (GenerateHeader):
      (GenerateImplementation):
      (GenerateConstructorDeclaration):
      (GenerateConstructorDefinition):
      * bridge/c/c_class.cpp:
      (JSC::Bindings::CClass::methodsNamed):
      (JSC::Bindings::CClass::fieldNamed):
      * bridge/c/c_class.h:
      (CClass):
      * bridge/c/c_instance.cpp:
      (JSC::Bindings::CRuntimeMethod::create):
      (JSC::Bindings::CRuntimeMethod::finishCreation):
      (JSC::Bindings::CInstance::getMethod):
      * bridge/c/c_instance.h:
      (CInstance):
      * bridge/jni/jsc/JavaClassJSC.cpp:
      (JavaClass::methodsNamed):
      (JavaClass::fieldNamed):
      * bridge/jni/jsc/JavaClassJSC.h:
      (JavaClass):
      * bridge/jni/jsc/JavaInstanceJSC.cpp:
      (JavaRuntimeMethod::create):
      (JavaRuntimeMethod::finishCreation):
      * bridge/jni/jsc/JavaInstanceJSC.h:
      (JavaInstance):
      * bridge/jsc/BridgeJSC.h:
      (Class):
      (JSC::Bindings::Class::fallbackObject):
      (JSC::Bindings::Instance::setValueOfUndefinedField):
      (Instance):
      (JSC::Bindings::Instance::getOwnPropertySlot):
      (JSC::Bindings::Instance::getOwnPropertyDescriptor):
      (JSC::Bindings::Instance::put):
      * bridge/objc/objc_class.h:
      (ObjcClass):
      * bridge/objc/objc_class.mm:
      (JSC::Bindings::ObjcClass::methodsNamed):
      (JSC::Bindings::ObjcClass::fieldNamed):
      (JSC::Bindings::ObjcClass::fallbackObject):
      * bridge/objc/objc_instance.h:
      (ObjcInstance):
      * bridge/objc/objc_instance.mm:
      (ObjCRuntimeMethod::create):
      (ObjCRuntimeMethod::finishCreation):
      (ObjcInstance::setValueOfUndefinedField):
      (ObjcInstance::getValueOfUndefinedField):
      * bridge/objc/objc_runtime.h:
      (JSC::Bindings::ObjcFallbackObjectImp::create):
      (JSC::Bindings::ObjcFallbackObjectImp::propertyName):
      (ObjcFallbackObjectImp):
      * bridge/objc/objc_runtime.mm:
      (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp):
      (JSC::Bindings::ObjcFallbackObjectImp::getOwnPropertySlot):
      (JSC::Bindings::ObjcFallbackObjectImp::getOwnPropertyDescriptor):
      (JSC::Bindings::ObjcFallbackObjectImp::put):
      (JSC::Bindings::callObjCFallbackObject):
      (JSC::Bindings::ObjcFallbackObjectImp::deleteProperty):
      (JSC::Bindings::ObjcFallbackObjectImp::defaultValue):
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::lengthGetter):
      (JSC::RuntimeArray::getOwnPropertySlot):
      (JSC::RuntimeArray::getOwnPropertyDescriptor):
      (JSC::RuntimeArray::put):
      (JSC::RuntimeArray::deleteProperty):
      * bridge/runtime_array.h:
      (RuntimeArray):
      * bridge/runtime_method.cpp:
      (JSC::RuntimeMethod::finishCreation):
      (JSC::RuntimeMethod::lengthGetter):
      (JSC::RuntimeMethod::getOwnPropertySlot):
      (JSC::RuntimeMethod::getOwnPropertyDescriptor):
      * bridge/runtime_method.h:
      (JSC::RuntimeMethod::create):
      (RuntimeMethod):
      * bridge/runtime_object.cpp:
      (JSC::Bindings::RuntimeObject::fallbackObjectGetter):
      (JSC::Bindings::RuntimeObject::fieldGetter):
      (JSC::Bindings::RuntimeObject::methodGetter):
      (JSC::Bindings::RuntimeObject::getOwnPropertySlot):
      (JSC::Bindings::RuntimeObject::getOwnPropertyDescriptor):
      (JSC::Bindings::RuntimeObject::put):
      (JSC::Bindings::RuntimeObject::deleteProperty):
      * bridge/runtime_object.h:
      (RuntimeObject):
      
      Source/WebKit/mac: 
      
      * Plugins/Hosted/ProxyInstance.h:
      (ProxyInstance):
      * Plugins/Hosted/ProxyInstance.mm:
      (ProxyClass):
      (WebKit::ProxyClass::methodsNamed):
      (WebKit::ProxyClass::fieldNamed):
      (WebKit::ProxyRuntimeMethod::create):
      (WebKit::ProxyRuntimeMethod::finishCreation):
      (WebKit::ProxyInstance::getMethod):
      (WebKit::ProxyInstance::methodsNamed):
      (WebKit::ProxyInstance::fieldNamed):
      
      Source/WebKit2: 
      
      * WebProcess/Plugins/Netscape/JSNPMethod.cpp:
      (WebKit::JSNPMethod::finishCreation):
      * WebProcess/Plugins/Netscape/JSNPMethod.h:
      (WebKit::JSNPMethod::create):
      (JSNPMethod):
      * WebProcess/Plugins/Netscape/JSNPObject.cpp:
      (WebKit::npIdentifierFromIdentifier):
      (WebKit::JSNPObject::getOwnPropertySlot):
      (WebKit::JSNPObject::getOwnPropertyDescriptor):
      (WebKit::JSNPObject::put):
      (WebKit::JSNPObject::deleteProperty):
      (WebKit::JSNPObject::propertyGetter):
      (WebKit::JSNPObject::methodGetter):
      * WebProcess/Plugins/Netscape/JSNPObject.h:
      (JSNPObject):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@116828 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      38d3c75b
  26. 20 Apr, 2012 1 commit
  27. 18 Apr, 2012 1 commit
    • Remove m_subclassData from JSArray, move the attribute to subclass as needed · 01a43ea1
      benjamin@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=84249
      
      Patch by Benjamin Poulain <bpoulain@apple.com> on 2012-04-18
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore: 
      
      JSArray's m_subclassData is only used by WebCore's RuntimeArray. This patch moves
      the attribute to RuntimeArray to avoid allocating memory for the pointer in the common
      case.
      
      This gives ~1% improvement in JSArray creation microbenchmark thanks to fewer allocations
      of CopiedSpace.
      
      * jit/JITInlineMethods.h:
      (JSC::JIT::emitAllocateJSArray):
      * runtime/JSArray.cpp:
      (JSC::JSArray::JSArray):
      * runtime/JSArray.h:
      
      Source/WebCore: 
      
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::RuntimeArray):
      (JSC::RuntimeArray::finishCreation):
      * bridge/runtime_array.h:
      (JSC::RuntimeArray::getLength):
      (JSC::RuntimeArray::getConcreteArray):
      (RuntimeArray):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@114539 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  28. 07 Apr, 2012 1 commit
    • Do not abuse ArrayStorage's m_length for testing array consistency · 83c15267
      benjamin@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=83403
      
      Patch by Benjamin Poulain <bpoulain@apple.com> on 2012-04-06
      Reviewed by Geoffrey Garen.
      
      Array creation from a list of values is a 3-step process:
      -JSArray::tryCreateUninitialized()
      -JSArray::initializeIndex() for each value
      -JSArray::completeInitialization()
      
      Previously, the attribute m_length was not set to the final size in
      JSArray::tryCreateUninitialized() because it was used to test the array
      consistency in JSArray::initializeIndex().
      
      This caused the initialization loop using JSArray::initializeIndex() to maintain
      two counters:
      -index of the loop
      -storage->m_length++
      
      This patch fixes this by using the index of the initialization loop for the indices of
      JSArray::initializeIndex(). For testing consistency, the variable m_initializationIndex
      is introduced if CHECK_ARRAY_CONSISTENCY is defined.
      
      The patch also fixes a minor unrelated build issue when CHECK_ARRAY_CONSISTENCY is defined.
      
      This improves the performance of JSArray creation from literals by 8%.
      
      * runtime/JSArray.cpp:
      (JSC::JSArray::tryFinishCreationUninitialized):
      (JSC::JSArray::checkConsistency):
      * runtime/JSArray.h:
      (ArrayStorage):
      (JSC::JSArray::initializeIndex):
      (JSC::JSArray::completeInitialization):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@113530 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  29. 05 Apr, 2012 1 commit
    • Replace static_cast with jsCast when casting JSCell subclasses in JSC · 0c59caf6
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=83307
      
      Reviewed by Gavin Barraclough.
      
      Replace all usage of static_cast<JSCell subtype*> with jsCast<> in JavaScriptCore.
      This results in assertions when unsafe casts are performed, but simply leaves
      a static_cast<> in release builds.
      
      * API/APICast.h:
      (toJS):
      * API/JSCallbackConstructor.cpp:
      (JSC::constructJSCallback):
      * API/JSCallbackFunction.cpp:
      (JSC::JSCallbackFunction::call):
      * API/JSCallbackObjectFunctions.h:
      (JSC::::asCallbackObject):
      (JSC::::finishCreation):
      (JSC::::construct):
      (JSC::::call):
      * API/JSObjectRef.cpp:
      (JSObjectGetPrivate):
      (JSObjectSetPrivate):
      (JSObjectGetPrivateProperty):
      (JSObjectSetPrivateProperty):
      (JSObjectDeletePrivateProperty):
      * API/JSValueRef.cpp:
      (JSValueIsObjectOfClass):
      * API/JSWeakObjectMapRefPrivate.cpp:
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::resolve):
      (JSC::BytecodeGenerator::resolveConstDecl):
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::finishCreation):
      * dfg/DFGOperations.cpp:
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::execute):
      (JSC::Interpreter::privateExecute):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * runtime/Executable.h:
      (JSC::isHostFunction):
      * runtime/JSActivation.h:
      (JSC::asActivation):
      * runtime/JSArray.cpp:
      (JSC::JSArray::defineOwnProperty):
      * runtime/JSArray.h:
      (JSC::asArray):
      * runtime/JSBoundFunction.cpp:
      (JSC::boundFunctionCall):
      (JSC::boundFunctionConstruct):
      * runtime/JSByteArray.h:
      (JSC::asByteArray):
      * runtime/JSCell.cpp:
      (JSC::JSCell::toObject):
      * runtime/JSCell.h:
      (JSC::jsCast):
      * runtime/JSGlobalObject.h:
      (JSC::asGlobalObject):
      * runtime/JSGlobalObjectFunctions.cpp:
      (JSC::globalFuncEval):
      * runtime/JSObject.cpp:
      (JSC::JSObject::setPrototypeWithCycleCheck):
      (JSC::JSObject::allowsAccessFrom):
      (JSC::JSObject::toThisObject):
      (JSC::JSObject::unwrappedObject):
      * runtime/JSObject.h:
      (JSC::asObject):
      * runtime/JSPropertyNameIterator.h:
      (JSC::Register::propertyNameIterator):
      * runtime/JSString.h:
      (JSC::asString):
      (JSC::JSValue::toString):
      * runtime/StringPrototype.cpp:
      (JSC::stringProtoFuncSubstr):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@113363 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  30. 29 Mar, 2012 1 commit
    • HashMap<>::add should return a more descriptive object · 4c11ee05
      caio.oliveira@openbossa.org authored
      https://bugs.webkit.org/show_bug.cgi?id=71063
      
      Reviewed by Ryosuke Niwa.
      
      Source/JavaScriptCore:
      
      Update code to use AddResult instead of a pair. Note that since WeakGCMap wraps
      the iterator type, there's a need for its own AddResult type -- instantiated from
      HashTableAddResult template class.
      
      * API/JSCallbackObject.h:
      (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
      * API/JSClassRef.cpp:
      (OpaqueJSClass::contextData):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::addVar):
      (JSC::BytecodeGenerator::addGlobalVar):
      (JSC::BytecodeGenerator::addConstant):
      (JSC::BytecodeGenerator::addConstantValue):
      (JSC::BytecodeGenerator::emitLoad):
      (JSC::BytecodeGenerator::addStringConstant):
      (JSC::BytecodeGenerator::emitLazyNewFunction):
      * bytecompiler/NodesCodegen.cpp:
      (JSC::PropertyListNode::emitBytecode):
      * debugger/Debugger.cpp:
      * dfg/DFGAssemblyHelpers.cpp:
      (JSC::DFG::AssemblyHelpers::decodedCodeMapFor):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::cellConstant):
      (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
      * jit/JITStubs.cpp:
      (JSC::JITThunks::ctiStub):
      (JSC::JITThunks::hostFunctionStub):
      * parser/Parser.cpp:
      (JSC::::parseStrictObjectLiteral):
      * parser/Parser.h:
      (JSC::Scope::declareParameter):
      * runtime/Identifier.cpp:
      (JSC::Identifier::add):
      (JSC::Identifier::add8):
      (JSC::Identifier::addSlowCase):
      * runtime/Identifier.h:
      (JSC::Identifier::add):
      (JSC::IdentifierTable::add):
      * runtime/JSArray.cpp:
      (JSC::SparseArrayValueMap::add):
      (JSC::SparseArrayValueMap::put):
      (JSC::SparseArrayValueMap::putDirect):
      (JSC::JSArray::enterDictionaryMode):
      (JSC::JSArray::defineOwnNumericProperty):
      * runtime/JSArray.h:
      (SparseArrayValueMap):
      * runtime/PropertyNameArray.cpp:
      (JSC::PropertyNameArray::add):
      * runtime/StringRecursionChecker.h:
      (JSC::StringRecursionChecker::performCheck):
      * runtime/Structure.cpp:
      (JSC::StructureTransitionTable::add):
      * runtime/WeakGCMap.h:
      (WeakGCMap):
      (JSC::WeakGCMap::add):
      (JSC::WeakGCMap::set):
      * tools/ProfileTreeNode.h:
      (JSC::ProfileTreeNode::sampleChild):
      
      Source/WebCore:
      
      Update code to use AddResult instead of a pair. No new tests, just a refactoring.
      
      * Modules/webdatabase/SQLTransactionCoordinator.cpp:
      (WebCore::SQLTransactionCoordinator::acquireLock):
      * Modules/webdatabase/chromium/QuotaTracker.cpp:
      (WebCore::QuotaTracker::updateDatabaseSize):
      * bindings/js/DOMObjectHashTableMap.h:
      (WebCore::DOMObjectHashTableMap::get):
      * bindings/js/JSDOMBinding.cpp:
      (WebCore::cacheDOMStructure):
      * bindings/js/JSDOMBinding.h:
      (WebCore::cacheWrapper):
      * bindings/js/JSDOMGlobalObject.h:
      (WebCore::getDOMConstructor):
      * bindings/js/PageScriptDebugServer.cpp:
      (WebCore::PageScriptDebugServer::addListener):
      * bindings/js/ScriptDebugServer.cpp:
      (WebCore::ScriptDebugServer::setBreakpoint):
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneSerializer::startObjectInternal):
      (WebCore::CloneSerializer::write):
      * bindings/v8/NPV8Object.cpp:
      (WebCore::npCreateV8ScriptObject):
      * bridge/IdentifierRep.cpp:
      (WebCore::IdentifierRep::get):
      * bridge/NP_jsobject.cpp:
      (ObjectMap::add):
      * css/CSSComputedStyleDeclaration.cpp:
      (WebCore::logUnimplementedPropertyID):
      * css/CSSFontFaceSource.cpp:
      (WebCore::CSSFontFaceSource::getFontData):
      * css/CSSFontSelector.cpp:
      (WebCore::CSSFontSelector::addFontFaceRule):
      (WebCore::CSSFontSelector::getFontData):
      * css/CSSSegmentedFontFace.cpp:
      (WebCore::CSSSegmentedFontFace::getFontData):
      * css/CSSStyleApplyProperty.cpp:
      (WebCore::ApplyPropertyCounter::applyInheritValue):
      (WebCore::ApplyPropertyCounter::applyValue):
      * css/CSSStyleSelector.cpp:
      (WebCore::CSSStyleSelector::appendAuthorStylesheets):
      (WebCore::CSSStyleSelector::collectMatchingRulesForList):
      * css/CSSValuePool.cpp:
      (WebCore::CSSValuePool::createIdentifierValue):
      (WebCore::CSSValuePool::createColorValue):
      (WebCore::CSSValuePool::createValue):
      (WebCore::CSSValuePool::createFontFamilyValue):
      (WebCore::CSSValuePool::createFontFaceValue):
      * dom/CheckedRadioButtons.cpp:
      (WebCore::RadioButtonGroup::add):
      (WebCore::CheckedRadioButtons::addButton):
      * dom/ChildListMutationScope.cpp:
      (WebCore::ChildListMutationScope::MutationAccumulationRouter::incrementScopingLevel):
      * dom/Document.cpp:
      (WebCore::Document::windowNamedItems):
      (WebCore::Document::documentNamedItems):
      (WebCore::Document::getCSSCanvasElement):
      (WebCore::Document::getItems):
      * dom/DocumentEventQueue.cpp:
      (WebCore::DocumentEventQueue::enqueueEvent):
      (WebCore::DocumentEventQueue::enqueueOrDispatchScrollEvent):
      (WebCore::DocumentEventQueue::pendingEventTimerFired):
      * dom/DocumentOrderedMap.cpp:
      (WebCore::DocumentOrderedMap::add):
      * dom/EventListenerMap.cpp:
      (WebCore::EventListenerMap::add):
      * dom/Node.cpp:
      (WebCore::Node::dumpStatistics):
      (WebCore::Node::getElementsByTagName):
      (WebCore::Node::getElementsByTagNameNS):
      (WebCore::Node::getElementsByName):
      (WebCore::Node::getElementsByClassName):
      (WebCore::Node::collectMatchingObserversForMutation):
      * dom/QualifiedName.cpp:
      (WebCore::QualifiedName::init):
      * dom/SpaceSplitString.cpp:
      (WebCore::SpaceSplitStringData::create):
      * dom/StyledElement.cpp:
      (WebCore::StyledElement::updateAttributeStyle):
      * html/HTMLCollection.cpp:
      (WebCore::HTMLCollection::append):
      * inspector/DOMPatchSupport.cpp:
      (WebCore::DOMPatchSupport::diff):
      * inspector/InspectorCSSAgent.cpp:
      (WebCore::SelectorProfile::commitSelector):
      * inspector/InspectorDOMAgent.cpp:
      (WebCore::InspectorDOMAgent::performSearch):
      * inspector/InspectorDebuggerAgent.cpp:
      (WebCore::InspectorDebuggerAgent::resolveBreakpoint):
      * inspector/InspectorValues.h:
      (WebCore::InspectorObject::setValue):
      (WebCore::InspectorObject::setObject):
      (WebCore::InspectorObject::setArray):
      * loader/appcache/ApplicationCacheGroup.cpp:
      (WebCore::ApplicationCacheGroup::addEntry):
      * loader/appcache/ApplicationCacheStorage.cpp:
      (WebCore::ApplicationCacheStorage::findOrCreateCacheGroup):
      * page/EventHandler.cpp:
      (WebCore::EventHandler::handleTouchEvent):
      * page/PageGroup.cpp:
      (WebCore::PageGroup::pageGroup):
      (WebCore::PageGroup::addVisitedLink):
      (WebCore::PageGroup::addUserScriptToWorld):
      (WebCore::PageGroup::addUserStyleSheetToWorld):
      * page/SecurityPolicy.cpp:
      (WebCore::SecurityPolicy::addOriginAccessWhitelistEntry):
      * page/TouchAdjustment.cpp:
      (WebCore::TouchAdjustment::compileSubtargetList):
      * platform/cf/BinaryPropertyList.cpp:
      (WebCore::BinaryPropertyListPlan::writeInteger):
      (WebCore::BinaryPropertyListPlan::writeString):
      (WebCore::BinaryPropertyListPlan::writeIntegerArray):
      * platform/graphics/blackberry/LayerTiler.cpp:
      (WebCore::LayerTiler::addTileJob):
      * platform/graphics/ca/GraphicsLayerCA.cpp:
      (WebCore::GraphicsLayerCA::findOrMakeClone):
      * platform/graphics/ca/mac/TileCache.mm:
      (WebCore::TileCache::revalidateTiles):
      * platform/graphics/ca/win/LayerChangesFlusher.cpp:
      (WebCore::LayerChangesFlusher::flushPendingLayerChangesSoon):
      * platform/graphics/chromium/FontUtilsChromiumWin.cpp:
      (WebCore::getDerivedFontData):
      * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
      (WebCore::CCLayerAnimationController::startAnimationsWaitingForTargetAvailability):
      * platform/graphics/mac/ComplexTextControllerATSUI.cpp:
      (WebCore::initializeATSUStyle):
      * platform/graphics/mac/SimpleFontDataCoreText.cpp:
      (WebCore::SimpleFontData::getCFStringAttributes):
      * platform/graphics/mac/SimpleFontDataMac.mm:
      (WebCore::SimpleFontData::canRenderCombiningCharacterSequence):
      * platform/graphics/wince/FontPlatformData.cpp:
      (WebCore::FixedSizeFontData::create):
      * platform/gtk/RenderThemeGtk3.cpp:
      (WebCore::getStyleContext):
      * platform/mac/ThreadCheck.mm:
      (WebCoreReportThreadViolation):
      * platform/network/HTTPHeaderMap.cpp:
      (WebCore::HTTPHeaderMap::add):
      * platform/network/HTTPHeaderMap.h:
      (HTTPHeaderMap):
      * platform/network/ResourceRequestBase.cpp:
      (WebCore::ResourceRequestBase::addHTTPHeaderField):
      * plugins/PluginDatabase.cpp:
      (WebCore::PluginDatabase::add):
      (WebCore::PluginDatabase::loadPersistentMetadataCache):
      * plugins/win/PluginDatabaseWin.cpp:
      (WebCore::PluginDatabase::getPluginPathsInDirectories):
      * rendering/RenderBlock.cpp:
      (WebCore::RenderBlock::addPercentHeightDescendant):
      * rendering/RenderBlockLineLayout.cpp:
      (WebCore::setLogicalWidthForTextRun):
      * rendering/RenderNamedFlowThread.cpp:
      (WebCore::RenderNamedFlowThread::addDependencyOnFlowThread):
      * rendering/RenderRegion.cpp:
      (WebCore::RenderRegion::setRenderBoxRegionInfo):
      * rendering/svg/RenderSVGResourceGradient.cpp:
      (WebCore::RenderSVGResourceGradient::applyResource):
      * rendering/svg/RenderSVGResourcePattern.cpp:
      (WebCore::RenderSVGResourcePattern::applyResource):
      * storage/StorageMap.cpp:
      (WebCore::StorageMap::setItem):
      (WebCore::StorageMap::importItem):
      * svg/SVGDocumentExtensions.cpp:
      (WebCore::SVGDocumentExtensions::addPendingResource):
      * xml/XMLHttpRequest.cpp:
      (WebCore::XMLHttpRequest::setRequestHeaderInternal):
      * xml/XPathFunctions.cpp:
      (WebCore::XPath::FunId::evaluate):
      * xml/XPathPath.cpp:
      (WebCore::XPath::LocationPath::evaluate):
      * xml/XPathPredicate.cpp:
      (WebCore::XPath::Union::evaluate):
      
      Source/WebKit/chromium:
      
      Update code to use AddResult instead of a pair.
      
      * src/WebHTTPLoadInfo.cpp:
      (WebKit::addHeader):
      * src/WebURLResponse.cpp:
      (WebKit::WebURLResponse::addHTTPHeaderField):
      
      Source/WebKit/mac:
      
      Update code to use AddResult instead of a pair.
      
      * Plugins/Hosted/NetscapePluginHostManager.mm:
      (WebKit::NetscapePluginHostManager::hostForPlugin):
      * Plugins/Hosted/ProxyInstance.mm:
      (WebKit::ProxyInstance::methodsNamed):
      (WebKit::ProxyInstance::fieldNamed):
      * WebCoreSupport/WebNotificationClient.mm:
      (WebNotificationClient::show):
      
      Source/WebKit/win:
      
      Update code to use AddResult instead of a pair.
      
      * WebKitCOMAPI.cpp:
      (classFactory):
      
      Source/WebKit2:
      
      Update code to use AddResult instead of a pair.
      
      * Platform/CoreIPC/ArgumentCoders.h:
      * Platform/CoreIPC/Connection.cpp:
      (CoreIPC::Connection::SyncMessageState::getOrCreate):
      * Shared/MutableDictionary.cpp:
      (WebKit::MutableDictionary::add):
      (WebKit::MutableDictionary::set):
      * Shared/UserMessageCoders.h:
      (WebKit::UserMessageDecoder::baseDecode):
      * Shared/mac/CommandLineMac.cpp:
      (WebKit::CommandLine::parse):
      * UIProcess/API/mac/WKPrintingView.mm:
      (pageDidDrawToPDF):
      * UIProcess/API/mac/WKView.mm:
      (-[WKView validateUserInterfaceItem:]):
      * UIProcess/WebProcessProxy.cpp:
      (WebKit::WebProcessProxy::addBackForwardItem):
      * WebProcess/InjectedBundle/DOM/InjectedBundleNodeHandle.cpp:
      (WebKit::InjectedBundleNodeHandle::getOrCreate):
      * WebProcess/InjectedBundle/DOM/InjectedBundleRangeHandle.cpp:
      (WebKit::InjectedBundleRangeHandle::getOrCreate):
      * WebProcess/Notifications/WebNotificationManager.cpp:
      (WebKit::WebNotificationManager::show):
      * WebProcess/WebProcess.cpp:
      (WebKit::WebProcess::createWebPage):
      (WebKit::WebProcess::webPageGroup):
      
      Source/WTF:
      
      Make HashTable<>::add() and derivate functions return an AddResult struct instead
      of a pair. This struct contains 'iterator' and 'isNewEntry' members, that are
      more readable at callsites than previous 'first' and 'second'.
      
      * wtf/HashCountedSet.h:
      (HashCountedSet):
      (WTF::::add):
      * wtf/HashMap.h:
      (HashMap):
      (WTF):
      (WTF::::set):
      * wtf/HashSet.h:
      (HashSet):
      (WTF::::add):
      (WTF):
      * wtf/HashTable.h:
      (WTF::HashTableAddResult::HashTableAddResult):
      (HashTableAddResult):
      (WTF):
      (HashTable):
      (WTF::HashTable::add):
      (WTF::::add):
      (WTF::::addPassingHashCode):
      * wtf/ListHashSet.h:
      (ListHashSet):
      (WTF::::add):
      (WTF::::insertBefore):
      * wtf/RefPtrHashMap.h:
      (WTF):
      (WTF::::set):
      * wtf/Spectrum.h:
      (WTF::Spectrum::add):
      * wtf/WTFThreadData.cpp:
      (JSC::IdentifierTable::add):
      * wtf/WTFThreadData.h:
      (IdentifierTable):
      * wtf/text/AtomicString.cpp:
      (WTF::addToStringTable):
      (WTF::AtomicString::addSlowCase):
      
      Tools:
      
      Update code to use AddResult instead of a pair.
      
      * DumpRenderTree/mac/LayoutTestControllerMac.mm:
      (LayoutTestController::evaluateScriptInIsolatedWorld):
      * DumpRenderTree/win/LayoutTestControllerWin.cpp:
      (LayoutTestController::evaluateScriptInIsolatedWorld):
      * WebKitTestRunner/InjectedBundle/LayoutTestController.cpp:
      (WTR::LayoutTestController::evaluateScriptInIsolatedWorld):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@112555 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      4c11ee05
  31. 07 Mar, 2012 1 commit
    • Array.prototype functions should throw if delete fails · 1052f503
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=80467
      
      Reviewed by Oliver Hunt.
      
      Source/JavaScriptCore: 
      
      All calls to [[Delete]] from Array.prototype are specified to pass 'true' as the value of Throw.
      In the case of shift/unshift, these are also missing a throw from the 'put' in the implementations
      in JSArray.cpp. There are effectively three copies of each of the generic shift/unshift routines,
      one in splice, one in ArrayPrototype's shift/unshift methods, and one in JSArray's shift/unshift
      routines, for handling arrays with holes. These three copies should be unified.
      
      * runtime/ArrayPrototype.cpp:
      (JSC::shift):
      (JSC::unshift):
          - Added - shared copies of the shift/unshift functionality.
      (JSC::arrayProtoFuncPop):
          - should throw if the delete fails.
      (JSC::arrayProtoFuncReverse):
          - should throw if the delete fails.
      (JSC::arrayProtoFuncShift):
      (JSC::arrayProtoFuncSplice):
      (JSC::arrayProtoFuncUnShift):
          - use shift/unshift.
      * runtime/JSArray.cpp:
      (JSC::JSArray::shiftCount):
      (JSC::JSArray::unshiftCount):
          - Don't try to handle arrays with holes; return a value indicating
            the generic routine should be used instead.
      * runtime/JSArray.h:
          - declaration for shiftCount/unshiftCount changed.
      * tests/mozilla/js1_6/Array/regress-304828.js:
          - this was asserting incorrect behaviour.
      
      LayoutTests: 
      
      * fast/js/mozilla/strict/15.4.4.12-expected.txt:
      * fast/js/mozilla/strict/15.4.4.13-expected.txt:
      * fast/js/mozilla/strict/15.4.4.6-expected.txt:
      * fast/js/mozilla/strict/15.4.4.8-expected.txt:
      * fast/js/mozilla/strict/15.4.4.9-expected.txt:
          - check in passing test results.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@110026 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      1052f503
  32. 06 Mar, 2012 1 commit
    • putByIndex should throw in strict mode · b1db28d8
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=80335
      
      Reviewed by Filip Pizlo.
      
      Make the MethodTable PutByIndex trap take a boolean 'shouldThrow' parameter.
      
      Source/JavaScriptCore: 
      
      This is a largely mechanical change, simply adding an extra parameter to a number
      of functions. Some call sites need to perform additional exception checks, and
      operationPutByValBeyondArrayBounds needs to know whether it is strict or not.
      
      This patch doesn't fix a missing throw from some cases of shift/unshift (this is
      an existing bug), I'll follow up with a third patch to handle that.
      
      * API/JSObjectRef.cpp:
      (JSObjectSetPropertyAtIndex):
      * JSCTypedArrayStubs.h:
      (JSC):
      * dfg/DFGOperations.cpp:
      (JSC::DFG::putByVal):
      * dfg/DFGOperations.h:
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::privateExecute):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * jsc.cpp:
      (GlobalObject::finishCreation):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * runtime/Arguments.cpp:
      (JSC::Arguments::putByIndex):
      * runtime/Arguments.h:
      (Arguments):
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncPush):
      (JSC::arrayProtoFuncReverse):
      (JSC::arrayProtoFuncShift):
      (JSC::arrayProtoFuncSort):
      (JSC::arrayProtoFuncSplice):
      (JSC::arrayProtoFuncUnShift):
      * runtime/ClassInfo.h:
      (MethodTable):
      * runtime/JSArray.cpp:
      (JSC::SparseArrayValueMap::put):
      (JSC::JSArray::put):
      (JSC::JSArray::putByIndex):
      (JSC::JSArray::putByIndexBeyondVectorLength):
      (JSC::JSArray::push):
      (JSC::JSArray::shiftCount):
      (JSC::JSArray::unshiftCount):
      * runtime/JSArray.h:
      (SparseArrayValueMap):
      (JSArray):
      * runtime/JSByteArray.cpp:
      (JSC::JSByteArray::putByIndex):
      * runtime/JSByteArray.h:
      (JSByteArray):
      * runtime/JSCell.cpp:
      (JSC::JSCell::putByIndex):
      * runtime/JSCell.h:
      (JSCell):
      * runtime/JSNotAnObject.cpp:
      (JSC::JSNotAnObject::putByIndex):
      * runtime/JSNotAnObject.h:
      (JSNotAnObject):
      * runtime/JSONObject.cpp:
      (JSC::Walker::walk):
      * runtime/JSObject.cpp:
      (JSC::JSObject::putByIndex):
      * runtime/JSObject.h:
      (JSC::JSValue::putByIndex):
      * runtime/RegExpConstructor.cpp:
      (JSC::RegExpMatchesArray::fillArrayInstance):
      * runtime/RegExpMatchesArray.h:
      (JSC::RegExpMatchesArray::putByIndex):
      * runtime/StringPrototype.cpp:
      (JSC::stringProtoFuncSplit):
      
      Source/WebCore: 
      
      * bindings/js/SerializedScriptValue.cpp:
      (WebCore::CloneDeserializer::putProperty):
      * bindings/objc/WebScriptObject.mm:
      (-[WebScriptObject setWebScriptValueAtIndex:value:]):
      * bindings/scripts/CodeGeneratorJS.pm:
      (GenerateHeader):
      (GenerateImplementation):
      * bridge/NP_jsobject.cpp:
      (_NPN_SetProperty):
      * bridge/jni/jni_jsobject.mm:
      (JavaJSObject::setSlot):
      * bridge/runtime_array.cpp:
      (JSC::RuntimeArray::putByIndex):
      * bridge/runtime_array.h:
      (RuntimeArray):
      
      Source/WebKit/mac: 
      
      * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
      (WebKit::NetscapePluginInstanceProxy::setProperty):
      
      Source/WebKit2: 
      
      * WebProcess/Plugins/Netscape/NPJSObject.cpp:
      (WebKit::NPJSObject::setProperty):
      
      LayoutTests: 
      
      * fast/js/Object-defineProperty-expected.txt:
      * fast/js/mozilla/strict/15.4.4.12-expected.txt:
      * fast/js/mozilla/strict/15.4.4.13-expected.txt:
      * fast/js/mozilla/strict/15.4.4.8-expected.txt:
      * fast/js/mozilla/strict/15.4.4.9-expected.txt:
      * fast/js/mozilla/strict/15.5.5.2-expected.txt:
      * fast/js/mozilla/strict/8.12.5-expected.txt:
      * fast/js/preventExtensions-expected.txt:
      * fast/js/primitive-property-access-edge-cases-expected.txt:
          - Checking in passing test results.
      * fast/js/script-tests/Object-defineProperty.js:
          - Added test cases for putting to numeric properties where property is read-only,
            length is read-only, or property is accessor with missing set function.
      * fast/js/script-tests/preventExtensions.js:
          - Added test case, putting numeric property to non-extensible array.
      * fast/js/script-tests/primitive-property-access-edge-cases.js:
          - Enabled test cases for putting numeric properties to primitive strings.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109866 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b1db28d8
  33. 04 Mar, 2012 1 commit
    • Split JSArray's [[Put]] & [[DefineOwnProperty]] traps. · cd37404e
      barraclough@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=80217
      
      Reviewed by Filip Pizlo.
      
      putByIndex() provides similar behavior to put(), but for indexed property names.
      Many places in ArrayPrototype call putByIndex() where they really mean to call
      [[DefineOwnProperty]]. This is only okay due to a bug – putByIndex should be
      calling numeric accessors (& respecting numeric read only properties) on the
      prototype chain, but isn't. Add a new putDirectIndex (matching JSObject's
      putDirect* methods), to correctly provide a fast [[DefineOwnProperty]] interface.
      
      * runtime/ArrayPrototype.cpp:
      (JSC::arrayProtoFuncConcat):
      (JSC::arrayProtoFuncSlice):
      (JSC::arrayProtoFuncFilter):
      (JSC::arrayProtoFuncMap):
      * runtime/JSArray.cpp:
      (JSC):
      (JSC::reject):
      (JSC::SparseArrayValueMap::putDirect):
      (JSC::JSArray::defineOwnNumericProperty):
      (JSC::JSArray::putByIndexBeyondVectorLength):
      (JSC::JSArray::putDirectIndexBeyondVectorLength):
      * runtime/JSArray.h:
      (SparseArrayValueMap):
      (JSArray):
      (JSC::JSArray::putDirectIndex):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109673 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      cd37404e
  34. 26 Feb, 2012 1 commit
    • Implement fast path for op_new_array in the baseline JIT · 87ff87df
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=78612
      
      Reviewed by Filip Pizlo.
      
      * heap/CopiedAllocator.h:
      (CopiedAllocator): Friended the JIT to allow access to m_currentOffset.
      * heap/CopiedSpace.h:
      (CopiedSpace): Friended the JIT to allow access to isOversize.
      (JSC::CopiedSpace::allocator):
      * heap/Heap.h:
      (JSC::Heap::storageAllocator): Added a getter for the CopiedAllocator class so the JIT
      can use it for simple allocation i.e. when we can just bump the offset without having to 
      do anything else.
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileSlowCases): Added new slow case for op_new_array for when
      we have to bail out because the fast allocation path fails for whatever reason.
      * jit/JIT.h:
      (JIT):
      * jit/JITInlineMethods.h:
      (JSC::JIT::emitAllocateBasicStorage): Added utility function that allows objects to 
      allocate generic backing stores. This function is used by emitAllocateJSArray.
      (JSC):
      (JSC::JIT::emitAllocateJSArray): Added utility function that allows the client to 
      more easily allocate JSArrays. This function is used by emit_op_new_array and I expect 
      it will also be used for emit_op_new_array_buffer.
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_new_array): Changed to do inline allocation of JSArrays. Still does 
      a stub call for oversize arrays.
      (JSC):
      (JSC::JIT::emitSlow_op_new_array): New slow path that just bails out to a stub call if we 
      fail in any way on the fast path.
      * runtime/JSArray.cpp:
      (JSC):
      * runtime/JSArray.h: Added lots of offset functions for all the fields that we need to 
      initialize in the JIT.
      (ArrayStorage):
      (JSC::ArrayStorage::lengthOffset):
      (JSC::ArrayStorage::numValuesInVectorOffset):
      (JSC::ArrayStorage::allocBaseOffset):
      (JSC::ArrayStorage::vectorOffset):
      (JSArray):
      (JSC::JSArray::sparseValueMapOffset):
      (JSC::JSArray::subclassDataOffset):
      (JSC::JSArray::indexBiasOffset):
      (JSC):
      (JSC::JSArray::storageSize): Moved this function from being a static function in the cpp file
      to being a static function in the JSArray class. This move allows the JIT to call it to 
      see what size it should allocate.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@108934 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      87ff87df
  35. 22 Feb, 2012 2 commits
    • Allocations from CopiedBlocks should always be 8-byte aligned · bd5ac227
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=79271
      
      Reviewed by Geoffrey Garen.
      
      * heap/CopiedAllocator.h:
      (JSC::CopiedAllocator::allocate):
      * heap/CopiedBlock.h: Changed to add padding so that the start of the payload is always 
      guaranteed to be 8 byte aligned on both 64- and 32-bit platforms.
      (CopiedBlock):
      * heap/CopiedSpace.cpp: Changed all assertions of isPointerAligned to is8ByteAligned.
      (JSC::CopiedSpace::tryAllocateOversize):
      (JSC::CopiedSpace::getFreshBlock):
      * heap/CopiedSpaceInlineMethods.h:
      (JSC::CopiedSpace::allocateFromBlock):
      * runtime/JSArray.h:
      (ArrayStorage): Added padding for ArrayStorage to make sure that it is always 8 byte 
      aligned on both 64- and 32-bit platforms.
      * wtf/StdLibExtras.h:
      (WTF::is8ByteAligned): Added new utility function that functions similarly to the 
      way isPointerAligned does, but it just always checks for 8 byte alignment.
      (WTF):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@108553 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      bd5ac227
    • JSC should be a triple-tier VM · 7bbcaab7
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=75812
      <rdar://problem/10079694>
      
      Source/JavaScriptCore: 
      
      Reviewed by Gavin Barraclough.
              
      Implemented an interpreter that uses the JIT's calling convention. This
      interpreter is called LLInt, or the Low Level Interpreter. JSC will now
      start by executing code in LLInt and will only tier up to the old
      JIT after the code is proven hot.
              
      LLInt is written in a modified form of our macro assembly. This new macro
      assembly is compiled by an offline assembler (see offlineasm), which
      implements many modern conveniences such as a Turing-complete CPS-based
      macro language and direct access to relevant C++ type information
      (basically offsets of fields and sizes of structs/classes).
              
      Code executing in LLInt appears to the rest of the JSC world "as if" it
      were executing in the old JIT. Hence, things like exception handling and
      cross-execution-engine calls just work and require pretty much no
      additional overhead.
              
      This interpreter is 2-2.5x faster than our old interpreter on SunSpider,
      V8, and Kraken. With triple-tiering turned on, we're neutral on SunSpider,
      V8, and Kraken, but appear to get a double-digit improvement on real-world
      websites due to a huge reduction in the amount of JIT'ing.
              
      * CMakeLists.txt:
      * GNUmakefile.am:
      * GNUmakefile.list.am:
      * JavaScriptCore.pri:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
      * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/LinkBuffer.h:
      * assembler/MacroAssemblerCodeRef.h:
      (MacroAssemblerCodePtr):
      (JSC::MacroAssemblerCodePtr::createFromExecutableAddress):
      * bytecode/BytecodeConventions.h: Added.
      * bytecode/CallLinkStatus.cpp:
      (JSC::CallLinkStatus::computeFromLLInt):
      (JSC):
      (JSC::CallLinkStatus::computeFor):
      * bytecode/CallLinkStatus.h:
      (JSC::CallLinkStatus::isSet):
      (JSC::CallLinkStatus::operator!):
      (CallLinkStatus):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
      (JSC::CodeBlock::CodeBlock):
      (JSC::CodeBlock::~CodeBlock):
      (JSC::CodeBlock::finalizeUnconditionally):
      (JSC::CodeBlock::stronglyVisitStrongReferences):
      (JSC):
      (JSC::CodeBlock::unlinkCalls):
      (JSC::CodeBlock::unlinkIncomingCalls):
      (JSC::CodeBlock::bytecodeOffset):
      (JSC::ProgramCodeBlock::jettison):
      (JSC::EvalCodeBlock::jettison):
      (JSC::FunctionCodeBlock::jettison):
      (JSC::ProgramCodeBlock::jitCompileImpl):
      (JSC::EvalCodeBlock::jitCompileImpl):
      (JSC::FunctionCodeBlock::jitCompileImpl):
      * bytecode/CodeBlock.h:
      (JSC):
      (CodeBlock):
      (JSC::CodeBlock::baselineVersion):
      (JSC::CodeBlock::linkIncomingCall):
      (JSC::CodeBlock::bytecodeOffset):
      (JSC::CodeBlock::jitCompile):
      (JSC::CodeBlock::hasOptimizedReplacement):
      (JSC::CodeBlock::addPropertyAccessInstruction):
      (JSC::CodeBlock::addGlobalResolveInstruction):
      (JSC::CodeBlock::addLLIntCallLinkInfo):
      (JSC::CodeBlock::addGlobalResolveInfo):
      (JSC::CodeBlock::numberOfMethodCallLinkInfos):
      (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset):
      (JSC::CodeBlock::likelyToTakeSlowCase):
      (JSC::CodeBlock::couldTakeSlowCase):
      (JSC::CodeBlock::likelyToTakeSpecialFastCase):
      (JSC::CodeBlock::likelyToTakeDeepestSlowCase):
      (JSC::CodeBlock::likelyToTakeAnySlowCase):
      (JSC::CodeBlock::addFrequentExitSite):
      (JSC::CodeBlock::dontJITAnytimeSoon):
      (JSC::CodeBlock::jitAfterWarmUp):
      (JSC::CodeBlock::jitSoon):
      (JSC::CodeBlock::llintExecuteCounter):
      (ProgramCodeBlock):
      (EvalCodeBlock):
      (FunctionCodeBlock):
      * bytecode/GetByIdStatus.cpp:
      (JSC::GetByIdStatus::computeFromLLInt):
      (JSC):
      (JSC::GetByIdStatus::computeFor):
      * bytecode/GetByIdStatus.h:
      (JSC::GetByIdStatus::GetByIdStatus):
      (JSC::GetByIdStatus::wasSeenInJIT):
      (GetByIdStatus):
      * bytecode/Instruction.h:
      (JSC):
      (JSC::Instruction::Instruction):
      (Instruction):
      * bytecode/LLIntCallLinkInfo.h: Added.
      (JSC):
      (JSC::LLIntCallLinkInfo::LLIntCallLinkInfo):
      (LLIntCallLinkInfo):
      (JSC::LLIntCallLinkInfo::~LLIntCallLinkInfo):
      (JSC::LLIntCallLinkInfo::isLinked):
      (JSC::LLIntCallLinkInfo::unlink):
      * bytecode/MethodCallLinkStatus.cpp:
      (JSC::MethodCallLinkStatus::computeFor):
      * bytecode/Opcode.cpp:
      (JSC):
      * bytecode/Opcode.h:
      (JSC):
      (JSC::padOpcodeName):
      * bytecode/PutByIdStatus.cpp:
      (JSC::PutByIdStatus::computeFromLLInt):
      (JSC):
      (JSC::PutByIdStatus::computeFor):
      * bytecode/PutByIdStatus.h:
      (PutByIdStatus):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::emitResolve):
      (JSC::BytecodeGenerator::emitResolveWithBase):
      (JSC::BytecodeGenerator::emitGetById):
      (JSC::BytecodeGenerator::emitPutById):
      (JSC::BytecodeGenerator::emitDirectPutById):
      (JSC::BytecodeGenerator::emitCall):
      (JSC::BytecodeGenerator::emitConstruct):
      (JSC::BytecodeGenerator::emitCatch):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
      (JSC::DFG::ByteCodeParser::handleInlining):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCapabilities.h:
      (JSC::DFG::canCompileOpcode):
      * dfg/DFGOSRExitCompiler.cpp:
      * dfg/DFGOperations.cpp:
      * heap/Heap.h:
      (JSC):
      (JSC::Heap::firstAllocatorWithoutDestructors):
      (Heap):
      * heap/MarkStack.cpp:
      (JSC::visitChildren):
      * heap/MarkedAllocator.h:
      (JSC):
      (MarkedAllocator):
      * heap/MarkedSpace.h:
      (JSC):
      (MarkedSpace):
      (JSC::MarkedSpace::firstAllocator):
      * interpreter/CallFrame.cpp:
      (JSC):
      (JSC::CallFrame::bytecodeOffsetForNonDFGCode):
      (JSC::CallFrame::setBytecodeOffsetForNonDFGCode):
      (JSC::CallFrame::currentVPC):
      (JSC::CallFrame::setCurrentVPC):
      (JSC::CallFrame::trueCallerFrame):
      * interpreter/CallFrame.h:
      (JSC::ExecState::hasReturnPC):
      (JSC::ExecState::clearReturnPC):
      (ExecState):
      (JSC::ExecState::bytecodeOffsetForNonDFGCode):
      (JSC::ExecState::currentVPC):
      (JSC::ExecState::setCurrentVPC):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::Interpreter):
      (JSC::Interpreter::~Interpreter):
      (JSC):
      (JSC::Interpreter::initialize):
      (JSC::Interpreter::isOpcode):
      (JSC::Interpreter::unwindCallFrame):
      (JSC::getCallerInfo):
      (JSC::Interpreter::privateExecute):
      (JSC::Interpreter::retrieveLastCaller):
      * interpreter/Interpreter.h:
      (JSC):
      (Interpreter):
      (JSC::Interpreter::getOpcode):
      (JSC::Interpreter::getOpcodeID):
      (JSC::Interpreter::classicEnabled):
      * interpreter/RegisterFile.h:
      (JSC):
      (RegisterFile):
      * jit/ExecutableAllocator.h:
      (JSC):
      * jit/HostCallReturnValue.cpp: Added.
      (JSC):
      (JSC::getHostCallReturnValueWithExecState):
      * jit/HostCallReturnValue.h: Added.
      (JSC):
      (JSC::initializeHostCallReturnValue):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompileSlowCases):
      (JSC::JIT::privateCompile):
      * jit/JITCode.h:
      (JSC::JITCode::isOptimizingJIT):
      (JITCode):
      (JSC::JITCode::isBaselineCode):
      (JSC::JITCode::JITCode):
      * jit/JITDriver.h:
      (JSC::jitCompileIfAppropriate):
      (JSC::jitCompileFunctionIfAppropriate):
      * jit/JITExceptions.cpp:
      (JSC::jitThrow):
      * jit/JITInlineMethods.h:
      (JSC::JIT::updateTopCallFrame):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC):
      * jit/JITStubs.h:
      (JSC):
      * jit/JSInterfaceJIT.h:
      * llint: Added.
      * llint/LLIntCommon.h: Added.
      * llint/LLIntData.cpp: Added.
      (LLInt):
      (JSC::LLInt::Data::Data):
      (JSC::LLInt::Data::performAssertions):
      (JSC::LLInt::Data::~Data):
      * llint/LLIntData.h: Added.
      (JSC):
      (LLInt):
      (Data):
      (JSC::LLInt::Data::exceptionInstructions):
      (JSC::LLInt::Data::opcodeMap):
      (JSC::LLInt::Data::performAssertions):
      * llint/LLIntEntrypoints.cpp: Added.
      (LLInt):
      (JSC::LLInt::getFunctionEntrypoint):
      (JSC::LLInt::getEvalEntrypoint):
      (JSC::LLInt::getProgramEntrypoint):
      * llint/LLIntEntrypoints.h: Added.
      (JSC):
      (LLInt):
      (JSC::LLInt::getEntrypoint):
      * llint/LLIntExceptions.cpp: Added.
      (LLInt):
      (JSC::LLInt::interpreterThrowInCaller):
      (JSC::LLInt::returnToThrowForThrownException):
      (JSC::LLInt::returnToThrow):
      (JSC::LLInt::callToThrow):
      * llint/LLIntExceptions.h: Added.
      (JSC):
      (LLInt):
      * llint/LLIntOfflineAsmConfig.h: Added.
      * llint/LLIntOffsetsExtractor.cpp: Added.
      (JSC):
      (LLIntOffsetsExtractor):
      (JSC::LLIntOffsetsExtractor::dummy):
      (main):
      * llint/LLIntSlowPaths.cpp: Added.
      (LLInt):
      (JSC::LLInt::llint_trace_operand):
      (JSC::LLInt::llint_trace_value):
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      (JSC::LLInt::traceFunctionPrologue):
      (JSC::LLInt::shouldJIT):
      (JSC::LLInt::entryOSR):
      (JSC::LLInt::resolveGlobal):
      (JSC::LLInt::getByVal):
      (JSC::LLInt::handleHostCall):
      (JSC::LLInt::setUpCall):
      (JSC::LLInt::genericCall):
      * llint/LLIntSlowPaths.h: Added.
      (JSC):
      (LLInt):
      * llint/LLIntThunks.cpp: Added.
      (LLInt):
      (JSC::LLInt::generateThunkWithJumpTo):
      (JSC::LLInt::functionForCallEntryThunkGenerator):
      (JSC::LLInt::functionForConstructEntryThunkGenerator):
      (JSC::LLInt::functionForCallArityCheckThunkGenerator):
      (JSC::LLInt::functionForConstructArityCheckThunkGenerator):
      (JSC::LLInt::evalEntryThunkGenerator):
      (JSC::LLInt::programEntryThunkGenerator):
      * llint/LLIntThunks.h: Added.
      (JSC):
      (LLInt):
      * llint/LowLevelInterpreter.asm: Added.
      * llint/LowLevelInterpreter.cpp: Added.
      * llint/LowLevelInterpreter.h: Added.
      * offlineasm: Added.
      * offlineasm/armv7.rb: Added.
      * offlineasm/asm.rb: Added.
      * offlineasm/ast.rb: Added.
      * offlineasm/backends.rb: Added.
      * offlineasm/generate_offset_extractor.rb: Added.
      * offlineasm/instructions.rb: Added.
      * offlineasm/offset_extractor_constants.rb: Added.
      * offlineasm/offsets.rb: Added.
      * offlineasm/opt.rb: Added.
      * offlineasm/parser.rb: Added.
      * offlineasm/registers.rb: Added.
      * offlineasm/self_hash.rb: Added.
      * offlineasm/settings.rb: Added.
      * offlineasm/transform.rb: Added.
      * offlineasm/x86.rb: Added.
      * runtime/CodeSpecializationKind.h: Added.
      (JSC):
      * runtime/CommonSlowPaths.h:
      (JSC::CommonSlowPaths::arityCheckFor):
      (CommonSlowPaths):
      * runtime/Executable.cpp:
      (JSC::jettisonCodeBlock):
      (JSC):
      (JSC::EvalExecutable::jitCompile):
      (JSC::samplingDescription):
      (JSC::EvalExecutable::compileInternal):
      (JSC::ProgramExecutable::jitCompile):
      (JSC::ProgramExecutable::compileInternal):
      (JSC::FunctionExecutable::baselineCodeBlockFor):
      (JSC::FunctionExecutable::jitCompileForCall):
      (JSC::FunctionExecutable::jitCompileForConstruct):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::compileForConstructInternal):
      * runtime/Executable.h:
      (JSC):
      (EvalExecutable):
      (ProgramExecutable):
      (FunctionExecutable):
      (JSC::FunctionExecutable::jitCompileFor):
      * runtime/ExecutionHarness.h: Added.
      (JSC):
      (JSC::prepareForExecution):
      (JSC::prepareFunctionForExecution):
      * runtime/JSArray.h:
      (JSC):
      (JSArray):
      * runtime/JSCell.h:
      (JSC):
      (JSCell):
      * runtime/JSFunction.h:
      (JSC):
      (JSFunction):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalData.h:
      (JSC):
      (JSGlobalData):
      * runtime/JSGlobalObject.h:
      (JSC):
      (JSGlobalObject):
      * runtime/JSObject.h:
      (JSC):
      (JSObject):
      (JSFinalObject):
      * runtime/JSPropertyNameIterator.h:
      (JSC):
      (JSPropertyNameIterator):
      * runtime/JSString.h:
      (JSC):
      (JSString):
      * runtime/JSTypeInfo.h:
      (JSC):
      (TypeInfo):
      * runtime/JSValue.cpp:
      (JSC::JSValue::description):
      * runtime/JSValue.h:
      (LLInt):
      (JSValue):
      * runtime/JSVariableObject.h:
      (JSC):
      (JSVariableObject):
      * runtime/Options.cpp:
      (Options):
      (JSC::Options::initializeOptions):
      * runtime/Options.h:
      (Options):
      * runtime/ScopeChain.h:
      (JSC):
      (ScopeChainNode):
      * runtime/Structure.cpp:
      (JSC::Structure::addPropertyTransition):
      * runtime/Structure.h:
      (JSC):
      (Structure):
      * runtime/StructureChain.h:
      (JSC):
      (StructureChain):
      * wtf/InlineASM.h:
      * wtf/Platform.h:
      * wtf/SentinelLinkedList.h:
      (SentinelLinkedList):
      (WTF::SentinelLinkedList::isEmpty):
      * wtf/text/StringImpl.h:
      (JSC):
      (StringImpl):
      
      Source/WebCore: 
      
      Reviewed by Gavin Barraclough.
              
      No new tests, because there is no change in behavior.
      
      * CMakeLists.txt:
      
      Source/WebKit: 
      
      Reviewed by Gavin Barraclough.
      
      Changed EFL's build system to include a new directory in JavaScriptCore.
              
      * CMakeLists.txt:
      
      Tools: 
      
      Reviewed by Gavin Barraclough.
      
      Changed EFL's build system to include a new directory in JavaScriptCore.
      
      * DumpRenderTree/efl/CMakeLists.txt:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@108444 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      7bbcaab7
  36. 21 Feb, 2012 2 commits
    • Roll out r108309, r108323, and r108326 · e089d623
      aroben@apple.com authored
      They broke the 32-bit Lion build.
      
      Original bug is <http://webkit.org/b/75812> <rdar://problem/10079694>.
      
      Source/JavaScriptCore:
      
      * CMakeLists.txt:
      * GNUmakefile.am:
      * GNUmakefile.list.am:
      * JavaScriptCore.pri:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
      * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/LinkBuffer.h:
      * assembler/MacroAssemblerCodeRef.h:
      * bytecode/BytecodeConventions.h: Removed.
      * bytecode/CallLinkStatus.cpp:
      * bytecode/CallLinkStatus.h:
      * bytecode/CodeBlock.cpp:
      * bytecode/CodeBlock.h:
      * bytecode/GetByIdStatus.cpp:
      * bytecode/GetByIdStatus.h:
      * bytecode/Instruction.h:
      * bytecode/LLIntCallLinkInfo.h: Removed.
      * bytecode/MethodCallLinkStatus.cpp:
      * bytecode/Opcode.cpp:
      * bytecode/Opcode.h:
      * bytecode/PutByIdStatus.cpp:
      * bytecode/PutByIdStatus.h:
      * bytecompiler/BytecodeGenerator.cpp:
      * dfg/DFGByteCodeParser.cpp:
      * dfg/DFGCapabilities.h:
      * dfg/DFGOSRExitCompiler.cpp:
      * dfg/DFGOperations.cpp:
      * heap/Heap.h:
      * heap/MarkStack.cpp:
      * heap/MarkedAllocator.h:
      * heap/MarkedSpace.h:
      * interpreter/CallFrame.cpp:
      * interpreter/CallFrame.h:
      * interpreter/Interpreter.cpp:
      * interpreter/Interpreter.h:
      * interpreter/RegisterFile.h:
      * jit/ExecutableAllocator.h:
      * jit/HostCallReturnValue.cpp: Removed.
      * jit/HostCallReturnValue.h: Removed.
      * jit/JIT.cpp:
      * jit/JITCode.h:
      * jit/JITDriver.h:
      * jit/JITExceptions.cpp:
      * jit/JITInlineMethods.h:
      * jit/JITStubs.cpp:
      * jit/JITStubs.h:
      * jit/JSInterfaceJIT.h:
      * llint/LLIntCommon.h: Removed.
      * llint/LLIntData.cpp: Removed.
      * llint/LLIntData.h: Removed.
      * llint/LLIntEntrypoints.cpp: Removed.
      * llint/LLIntEntrypoints.h: Removed.
      * llint/LLIntExceptions.cpp: Removed.
      * llint/LLIntExceptions.h: Removed.
      * llint/LLIntOfflineAsmConfig.h: Removed.
      * llint/LLIntOffsetsExtractor.cpp: Removed.
      * llint/LLIntSlowPaths.cpp: Removed.
      * llint/LLIntSlowPaths.h: Removed.
      * llint/LLIntThunks.cpp: Removed.
      * llint/LLIntThunks.h: Removed.
      * llint/LowLevelInterpreter.asm: Removed.
      * llint/LowLevelInterpreter.cpp: Removed.
      * llint/LowLevelInterpreter.h: Removed.
      * offlineasm/armv7.rb: Removed.
      * offlineasm/asm.rb: Removed.
      * offlineasm/ast.rb: Removed.
      * offlineasm/backends.rb: Removed.
      * offlineasm/generate_offset_extractor.rb: Removed.
      * offlineasm/instructions.rb: Removed.
      * offlineasm/offset_extractor_constants.rb: Removed.
      * offlineasm/offsets.rb: Removed.
      * offlineasm/opt.rb: Removed.
      * offlineasm/parser.rb: Removed.
      * offlineasm/registers.rb: Removed.
      * offlineasm/self_hash.rb: Removed.
      * offlineasm/settings.rb: Removed.
      * offlineasm/transform.rb: Removed.
      * offlineasm/x86.rb: Removed.
      * runtime/CodeSpecializationKind.h: Removed.
      * runtime/CommonSlowPaths.h:
      * runtime/Executable.cpp:
      * runtime/Executable.h:
      * runtime/ExecutionHarness.h: Removed.
      * runtime/JSArray.h:
      * runtime/JSCell.h:
      * runtime/JSFunction.h:
      * runtime/JSGlobalData.cpp:
      * runtime/JSGlobalData.h:
      * runtime/JSGlobalObject.h:
      * runtime/JSObject.h:
      * runtime/JSPropertyNameIterator.h:
      * runtime/JSString.h:
      * runtime/JSTypeInfo.h:
      * runtime/JSValue.cpp:
      * runtime/JSValue.h:
      * runtime/JSVariableObject.h:
      * runtime/Options.cpp:
      * runtime/Options.h:
      * runtime/ScopeChain.h:
      * runtime/Structure.cpp:
      * runtime/Structure.h:
      * runtime/StructureChain.h:
      * wtf/InlineASM.h:
      * wtf/Platform.h:
      * wtf/SentinelLinkedList.h:
      * wtf/text/StringImpl.h:
      
      Source/WebCore:
      
      * CMakeLists.txt:
      
      Source/WebKit:
      
      * CMakeLists.txt:
      
      Tools:
      
      * DumpRenderTree/efl/CMakeLists.txt:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@108358 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    • JSC should be a triple-tier VM · 091129f4
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=75812
      <rdar://problem/10079694>
      
      Source/JavaScriptCore: 
      
      Reviewed by Gavin Barraclough.
              
      Implemented an interpreter that uses the JIT's calling convention. This
      interpreter is called LLInt, or the Low Level Interpreter. JSC will now
      start by executing code in LLInt and will only tier up to the old
      JIT after the code is proven hot.
              
      LLInt is written in a modified form of our macro assembly. This new macro
      assembly is compiled by an offline assembler (see offlineasm), which
      implements many modern conveniences such as a Turing-complete CPS-based
      macro language and direct access to relevant C++ type information
      (basically offsets of fields and sizes of structs/classes).
              
      Code executing in LLInt appears to the rest of the JSC world "as if" it
      were executing in the old JIT. Hence, things like exception handling and
      cross-execution-engine calls just work and require pretty much no
      additional overhead.
              
      This interpreter is 2-2.5x faster than our old interpreter on SunSpider,
      V8, and Kraken. With triple-tiering turned on, we're neutral on SunSpider,
      V8, and Kraken, but appear to get a double-digit improvement on real-world
      websites due to a huge reduction in the amount of JIT'ing.
              
      * CMakeLists.txt:
      * GNUmakefile.am:
      * GNUmakefile.list.am:
      * JavaScriptCore.pri:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
      * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/LinkBuffer.h:
      * assembler/MacroAssemblerCodeRef.h:
      (MacroAssemblerCodePtr):
      (JSC::MacroAssemblerCodePtr::createFromExecutableAddress):
      * bytecode/BytecodeConventions.h: Added.
      * bytecode/CallLinkStatus.cpp:
      (JSC::CallLinkStatus::computeFromLLInt):
      (JSC):
      (JSC::CallLinkStatus::computeFor):
      * bytecode/CallLinkStatus.h:
      (JSC::CallLinkStatus::isSet):
      (JSC::CallLinkStatus::operator!):
      (CallLinkStatus):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
      (JSC::CodeBlock::CodeBlock):
      (JSC::CodeBlock::~CodeBlock):
      (JSC::CodeBlock::finalizeUnconditionally):
      (JSC::CodeBlock::stronglyVisitStrongReferences):
      (JSC):
      (JSC::CodeBlock::unlinkCalls):
      (JSC::CodeBlock::unlinkIncomingCalls):
      (JSC::CodeBlock::bytecodeOffset):
      (JSC::ProgramCodeBlock::jettison):
      (JSC::EvalCodeBlock::jettison):
      (JSC::FunctionCodeBlock::jettison):
      (JSC::ProgramCodeBlock::jitCompileImpl):
      (JSC::EvalCodeBlock::jitCompileImpl):
      (JSC::FunctionCodeBlock::jitCompileImpl):
      * bytecode/CodeBlock.h:
      (JSC):
      (CodeBlock):
      (JSC::CodeBlock::baselineVersion):
      (JSC::CodeBlock::linkIncomingCall):
      (JSC::CodeBlock::bytecodeOffset):
      (JSC::CodeBlock::jitCompile):
      (JSC::CodeBlock::hasOptimizedReplacement):
      (JSC::CodeBlock::addPropertyAccessInstruction):
      (JSC::CodeBlock::addGlobalResolveInstruction):
      (JSC::CodeBlock::addLLIntCallLinkInfo):
      (JSC::CodeBlock::addGlobalResolveInfo):
      (JSC::CodeBlock::numberOfMethodCallLinkInfos):
      (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset):
      (JSC::CodeBlock::likelyToTakeSlowCase):
      (JSC::CodeBlock::couldTakeSlowCase):
      (JSC::CodeBlock::likelyToTakeSpecialFastCase):
      (JSC::CodeBlock::likelyToTakeDeepestSlowCase):
      (JSC::CodeBlock::likelyToTakeAnySlowCase):
      (JSC::CodeBlock::addFrequentExitSite):
      (JSC::CodeBlock::dontJITAnytimeSoon):
      (JSC::CodeBlock::jitAfterWarmUp):
      (JSC::CodeBlock::jitSoon):
      (JSC::CodeBlock::llintExecuteCounter):
      (ProgramCodeBlock):
      (EvalCodeBlock):
      (FunctionCodeBlock):
      * bytecode/GetByIdStatus.cpp:
      (JSC::GetByIdStatus::computeFromLLInt):
      (JSC):
      (JSC::GetByIdStatus::computeFor):
      * bytecode/GetByIdStatus.h:
      (JSC::GetByIdStatus::GetByIdStatus):
      (JSC::GetByIdStatus::wasSeenInJIT):
      (GetByIdStatus):
      * bytecode/Instruction.h:
      (JSC):
      (JSC::Instruction::Instruction):
      (Instruction):
      * bytecode/LLIntCallLinkInfo.h: Added.
      (JSC):
      (JSC::LLIntCallLinkInfo::LLIntCallLinkInfo):
      (LLIntCallLinkInfo):
      (JSC::LLIntCallLinkInfo::~LLIntCallLinkInfo):
      (JSC::LLIntCallLinkInfo::isLinked):
      (JSC::LLIntCallLinkInfo::unlink):
      * bytecode/MethodCallLinkStatus.cpp:
      (JSC::MethodCallLinkStatus::computeFor):
      * bytecode/Opcode.cpp:
      (JSC):
      * bytecode/Opcode.h:
      (JSC):
      (JSC::padOpcodeName):
      * bytecode/PutByIdStatus.cpp:
      (JSC::PutByIdStatus::computeFromLLInt):
      (JSC):
      (JSC::PutByIdStatus::computeFor):
      * bytecode/PutByIdStatus.h:
      (PutByIdStatus):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::emitResolve):
      (JSC::BytecodeGenerator::emitResolveWithBase):
      (JSC::BytecodeGenerator::emitGetById):
      (JSC::BytecodeGenerator::emitPutById):
      (JSC::BytecodeGenerator::emitDirectPutById):
      (JSC::BytecodeGenerator::emitCall):
      (JSC::BytecodeGenerator::emitConstruct):
      (JSC::BytecodeGenerator::emitCatch):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
      (JSC::DFG::ByteCodeParser::handleInlining):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCapabilities.h:
      (JSC::DFG::canCompileOpcode):
      * dfg/DFGOSRExitCompiler.cpp:
      * dfg/DFGOperations.cpp:
      * heap/Heap.h:
      (JSC):
      (JSC::Heap::firstAllocatorWithoutDestructors):
      (Heap):
      * heap/MarkStack.cpp:
      (JSC::visitChildren):
      * heap/MarkedAllocator.h:
      (JSC):
      (MarkedAllocator):
      * heap/MarkedSpace.h:
      (JSC):
      (MarkedSpace):
      (JSC::MarkedSpace::firstAllocator):
      * interpreter/CallFrame.cpp:
      (JSC):
      (JSC::CallFrame::bytecodeOffsetForNonDFGCode):
      (JSC::CallFrame::setBytecodeOffsetForNonDFGCode):
      (JSC::CallFrame::currentVPC):
      (JSC::CallFrame::setCurrentVPC):
      (JSC::CallFrame::trueCallerFrame):
      * interpreter/CallFrame.h:
      (JSC::ExecState::hasReturnPC):
      (JSC::ExecState::clearReturnPC):
      (ExecState):
      (JSC::ExecState::bytecodeOffsetForNonDFGCode):
      (JSC::ExecState::currentVPC):
      (JSC::ExecState::setCurrentVPC):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::Interpreter):
      (JSC::Interpreter::~Interpreter):
      (JSC):
      (JSC::Interpreter::initialize):
      (JSC::Interpreter::isOpcode):
      (JSC::Interpreter::unwindCallFrame):
      (JSC::getCallerInfo):
      (JSC::Interpreter::privateExecute):
      (JSC::Interpreter::retrieveLastCaller):
      * interpreter/Interpreter.h:
      (JSC):
      (Interpreter):
      (JSC::Interpreter::getOpcode):
      (JSC::Interpreter::getOpcodeID):
      (JSC::Interpreter::classicEnabled):
      * interpreter/RegisterFile.h:
      (JSC):
      (RegisterFile):
      * jit/ExecutableAllocator.h:
      (JSC):
      * jit/HostCallReturnValue.cpp: Added.
      (JSC):
      (JSC::getHostCallReturnValueWithExecState):
      * jit/HostCallReturnValue.h: Added.
      (JSC):
      (JSC::initializeHostCallReturnValue):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompileSlowCases):
      (JSC::JIT::privateCompile):
      * jit/JITCode.h:
      (JSC::JITCode::isOptimizingJIT):
      (JITCode):
      (JSC::JITCode::isBaselineCode):
      (JSC::JITCode::JITCode):
      * jit/JITDriver.h:
      (JSC::jitCompileIfAppropriate):
      (JSC::jitCompileFunctionIfAppropriate):
      * jit/JITExceptions.cpp:
      (JSC::jitThrow):
      * jit/JITInlineMethods.h:
      (JSC::JIT::updateTopCallFrame):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC):
      * jit/JITStubs.h:
      (JSC):
      * jit/JSInterfaceJIT.h:
      * llint: Added.
      * llint/LLIntCommon.h: Added.
      * llint/LLIntData.cpp: Added.
      (LLInt):
      (JSC::LLInt::Data::Data):
      (JSC::LLInt::Data::performAssertions):
      (JSC::LLInt::Data::~Data):
      * llint/LLIntData.h: Added.
      (JSC):
      (LLInt):
      (Data):
      (JSC::LLInt::Data::exceptionInstructions):
      (JSC::LLInt::Data::opcodeMap):
      (JSC::LLInt::Data::performAssertions):
      * llint/LLIntEntrypoints.cpp: Added.
      (LLInt):
      (JSC::LLInt::getFunctionEntrypoint):
      (JSC::LLInt::getEvalEntrypoint):
      (JSC::LLInt::getProgramEntrypoint):
      * llint/LLIntEntrypoints.h: Added.
      (JSC):
      (LLInt):
      (JSC::LLInt::getEntrypoint):
      * llint/LLIntExceptions.cpp: Added.
      (LLInt):
      (JSC::LLInt::interpreterThrowInCaller):
      (JSC::LLInt::returnToThrowForThrownException):
      (JSC::LLInt::returnToThrow):
      (JSC::LLInt::callToThrow):
      * llint/LLIntExceptions.h: Added.
      (JSC):
      (LLInt):
      * llint/LLIntOfflineAsmConfig.h: Added.
      * llint/LLIntOffsetsExtractor.cpp: Added.
      (JSC):
      (LLIntOffsetsExtractor):
      (JSC::LLIntOffsetsExtractor::dummy):
      (main):
      * llint/LLIntSlowPaths.cpp: Added.
      (LLInt):
      (JSC::LLInt::llint_trace_operand):
      (JSC::LLInt::llint_trace_value):
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      (JSC::LLInt::traceFunctionPrologue):
      (JSC::LLInt::shouldJIT):
      (JSC::LLInt::entryOSR):
      (JSC::LLInt::resolveGlobal):
      (JSC::LLInt::getByVal):
      (JSC::LLInt::handleHostCall):
      (JSC::LLInt::setUpCall):
      (JSC::LLInt::genericCall):
      * llint/LLIntSlowPaths.h: Added.
      (JSC):
      (LLInt):
      * llint/LLIntThunks.cpp: Added.
      (LLInt):
      (JSC::LLInt::generateThunkWithJumpTo):
      (JSC::LLInt::functionForCallEntryThunkGenerator):
      (JSC::LLInt::functionForConstructEntryThunkGenerator):
      (JSC::LLInt::functionForCallArityCheckThunkGenerator):
      (JSC::LLInt::functionForConstructArityCheckThunkGenerator):
      (JSC::LLInt::evalEntryThunkGenerator):
      (JSC::LLInt::programEntryThunkGenerator):
      * llint/LLIntThunks.h: Added.
      (JSC):
      (LLInt):
      * llint/LowLevelInterpreter.asm: Added.
      * llint/LowLevelInterpreter.cpp: Added.
      * llint/LowLevelInterpreter.h: Added.
      * offlineasm: Added.
      * offlineasm/armv7.rb: Added.
      * offlineasm/asm.rb: Added.
      * offlineasm/ast.rb: Added.
      * offlineasm/backends.rb: Added.
      * offlineasm/generate_offset_extractor.rb: Added.
      * offlineasm/instructions.rb: Added.
      * offlineasm/offset_extractor_constants.rb: Added.
      * offlineasm/offsets.rb: Added.
      * offlineasm/opt.rb: Added.
      * offlineasm/parser.rb: Added.
      * offlineasm/registers.rb: Added.
      * offlineasm/self_hash.rb: Added.
      * offlineasm/settings.rb: Added.
      * offlineasm/transform.rb: Added.
      * offlineasm/x86.rb: Added.
      * runtime/CodeSpecializationKind.h: Added.
      (JSC):
      * runtime/CommonSlowPaths.h:
      (JSC::CommonSlowPaths::arityCheckFor):
      (CommonSlowPaths):
      * runtime/Executable.cpp:
      (JSC::jettisonCodeBlock):
      (JSC):
      (JSC::EvalExecutable::jitCompile):
      (JSC::samplingDescription):
      (JSC::EvalExecutable::compileInternal):
      (JSC::ProgramExecutable::jitCompile):
      (JSC::ProgramExecutable::compileInternal):
      (JSC::FunctionExecutable::baselineCodeBlockFor):
      (JSC::FunctionExecutable::jitCompileForCall):
      (JSC::FunctionExecutable::jitCompileForConstruct):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::compileForConstructInternal):
      * runtime/Executable.h:
      (JSC):
      (EvalExecutable):
      (ProgramExecutable):
      (FunctionExecutable):
      (JSC::FunctionExecutable::jitCompileFor):
      * runtime/ExecutionHarness.h: Added.
      (JSC):
      (JSC::prepareForExecution):
      (JSC::prepareFunctionForExecution):
      * runtime/JSArray.h:
      (JSC):
      (JSArray):
      * runtime/JSCell.h:
      (JSC):
      (JSCell):
      * runtime/JSFunction.h:
      (JSC):
      (JSFunction):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalData.h:
      (JSC):
      (JSGlobalData):
      * runtime/JSGlobalObject.h:
      (JSC):
      (JSGlobalObject):
      * runtime/JSObject.h:
      (JSC):
      (JSObject):
      (JSFinalObject):
      * runtime/JSPropertyNameIterator.h:
      (JSC):
      (JSPropertyNameIterator):
      * runtime/JSString.h:
      (JSC):
      (JSString):
      * runtime/JSTypeInfo.h:
      (JSC):
      (TypeInfo):
      * runtime/JSValue.cpp:
      (JSC::JSValue::description):
      * runtime/JSValue.h:
      (LLInt):
      (JSValue):
      * runtime/JSVariableObject.h:
      (JSC):
      (JSVariableObject):
      * runtime/Options.cpp:
      (Options):
      (JSC::Options::initializeOptions):
      * runtime/Options.h:
      (Options):
      * runtime/ScopeChain.h:
      (JSC):
      (ScopeChainNode):
      * runtime/Structure.cpp:
      (JSC::Structure::addPropertyTransition):
      * runtime/Structure.h:
      (JSC):
      (Structure):
      * runtime/StructureChain.h:
      (JSC):
      (StructureChain):
      * wtf/InlineASM.h:
      * wtf/Platform.h:
      * wtf/SentinelLinkedList.h:
      (SentinelLinkedList):
      (WTF::SentinelLinkedList::isEmpty):
      * wtf/text/StringImpl.h:
      (JSC):
      (StringImpl):
      
      Source/WebCore: 
      
      Reviewed by Gavin Barraclough.
              
      No new tests, because there is no change in behavior.
      
      * CMakeLists.txt:
      
      Source/WebKit: 
      
      Reviewed by Gavin Barraclough.
      
      Changed EFL's build system to include a new directory in JavaScriptCore.
              
      * CMakeLists.txt:
      
      Tools: 
      
      Reviewed by Gavin Barraclough.
      
      Changed EFL's build system to include a new directory in JavaScriptCore.
      
      * DumpRenderTree/efl/CMakeLists.txt:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@108309 268f45cc-cd09-0410-ab3c-d52691b4dbfc